[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Prompt-less authentication for Web access
Greetings! Philippe Oechslin schrieb: > Does anybody know of a way to do client authentication on FW1 without password > prompting. To make things worse, I am in a DHCP environment and thus cannot on > IP addresses. One weird idea: use hardware authentication (e.g. certificate smartcards) to enable a VPN from inside to outside (I said that that is weird, didn't I?)... > If it is not possible with FW1, does anybody know another simple way to achieve > this. I think MS-proxy does something like this by looking up if a user is > logged in an NT Domain. An NT-independant solution would be preferred. This is the dreaded Microsoft Proxy - using NTLM authentication (compatible only within pure MS environment). Now the fabulous Samba/Squid crew programmed a mode compatible to that MS quirk. You need to use MS-IE and be authenticated against the NT domain the proxy is querying, though. Bye Volker -- Volker Tanger <[email protected]> Wrangelstr. 100, 10997 Berlin, Germany DiSCON GmbH - Internet Solutions http://www.discon.de/ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|