Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] META IP UAM Integration

To: "Mouliswaran, Chandra" <[email protected]>
Subject: Re: [FW1] META IP UAM Integration
From: [email protected]
Date: Wed, 16 May 2001 11:57:26 -0400
Cc: "'[email protected]'" <[email protected]>
Sender: [email protected]


I recall reading documentation (don't recall if it was checkpoint student
guides, checkpoint docs, or checkpoint KB) stating that you can't do both
content security and client auth in the same rule.

I could be wrong, but this sounds suspiciously familiar.

Dave Grabowski
System Arts, Inc.[Easy to remember as 6-Hockey-Hero]
[email protected]


|--------+---------------------------------------------->
|        |          "Mouliswaran, Chandra"              |
|        |          <[email protected]>              |
|        |          Sent by:                            |
|        |          [email protected]|
|        |          kpoint.com                          |
|        |                                              |
|        |                                              |
|        |          05/15/2001 10:25 AM                 |
|        |                                              |
|--------+---------------------------------------------->
  >-----------------------------------------------------------------------------------------------------------|
  |                                                                                                           |
  |       To:     "'[email protected]'" <[email protected]> |
  |       cc:                                                                                                 |
  |       Subject:     [FW1] META IP UAM Integration                                                          |
  >-----------------------------------------------------------------------------------------------------------|





Hi all,
We successfully integrated the Meta IP UAM service with firewall service.
We
could see the NT domain user name appearing on the log viewer.
My question is,
We defined a rule as shown below.
Usergroup@Network Any http->UFPserver ClientAuth Long
When we try to use UFP server(WebSense server) with Usergroup in the source
and
action as 'Client Auth', it allows all the sites. It is not blocking the
restricted sites. How to block sites based on user group using UFP server?
We can't have 'Reject' in the action column when we use Usergroup@network
as
the source.
If we have a rule with source as 'Usergroup@Network' and action as
'Reject',
it gives error message when we try to verify and install the rule base.
The error message is 'Rule n: User Groups are allowed only on
Authentication
Rules'.
We can only have 'Client Auth' as action when we use Usergroup@Network as
the source.

Any ideas?
Thanks,
Chandra.



================================================================================

     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================








================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Problems with Push/Fetch policy over a FR link
Next by Date: RE: [FW1] virus checking
Previous by thread: Re: [FW1] META IP UAM Integration
Next by thread: RE: Re[2]: AW: [FW1] Secure Remote for Linux/Solaris, Macintosh ? ???
Index(es):
- Date
- Thread