[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Steel Belted Radius and Novell
Actually, after playing around with different settings, I've found that using the user "generic*" causes SEVERE latency in several things (authentication, data transfer, etc.). I've changed my settings to use user names on the firewall, using RADIUS authentication, and use group authentication on the RADIUS server. In doing this, authentication times came down from 15 seconds to 4 seconds, and pings responded on the first try (it took about 6 requests before a reply the other way). Thanks. Rodney >>> "Rocky Stefano" <[email protected]> 03/28/01 09:03AM >>> You might have ICMP disabled in your properties screen on the firewall. Rocky Stefano Echelon Systems Inc. [email protected] <mailto:[email protected]> www.echelonsystems.com <http://www.echelonsystems.com> BFCellCell FaxSystems that work... ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- ---------------- This email may contain confidential and/or privileged information for the sole use of the intended recipient. Any review or distribution by others is strictly prohibited. If you have received this email in error, please contact the sender and delete all copies. Opinions, conclusions or other information expressed or contained in this email are not given or endorsed by the sender unless otherwise affirmed independently by the sender. ---------------------------------------------------------------------------- ---------------------------------------------------------------------------- ---------------- -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Rodney Lacroix Sent: Wednesday, March 28, 2001 8:15 AM To: [email protected] Subject: [FW1] Steel Belted Radius and Novell Hi all, I've abandoned my LDAP authentication strategy, and have moved on to (what people in this list say is working successfully) Steel Belted Radius for Netware. I have been able to authenticate properly, but am curious as to one thing: ICMP pings to hosts in my encryption domain no longer work. My DNS resolution is working, but I get no replies to pings at all. I have my rule set as a user group, containing the user "generic*", and my Radius server set up properly (I get "user authenticated by RADIUS authentication" on the SecuRemote client). Any thoughts? Rodney Lacroix ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|