[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] META IP UAM Integration
Chandra, This cannot be made to work currently - checkpoint knowledgebase helpfully states: Solution: SSO Client Authentication does not work when using an HTTP resource (10000.0.271) A solution is not available at this time. Currently under investigation. Problem Description SSO Client Authentication does not work when using an HTTP resource The problem is in the fact that Authentication is an Action... Ilya Akinfiev Security Engineer SiegeWorksx 201 -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Mouliswaran, Chandra Sent: Tuesday, May 15, 2001 7:16 AM To: [email protected] Subject: [FW1] META IP UAM Integration Hi all, We successfully integrated the Meta IP UAM service with firewall service. We could see the NT domain user name appearing on the log viewer. My question is, We defined a rule as shown below. Usergroup@Network Any http->UFPserver ClientAuth Long When we try to use UFP server(WebSense server) with Usergroup in the source and action as 'Client Auth', it allows all the sites. It is not blocking the restricted sites. How to block sites based on user group using UFP server? We can't have 'Reject' in the action column when we use Usergroup@network as the source. If we have a rule with source as 'Usergroup@Network' and action as 'Reject', it gives error message when we try to verify and install the rule base. The error message is 'Rule n: User Groups are allowed only on Authentication Rules'. We can only have 'Client Auth' as action when we use Usergroup@Network as the source. Any ideas? Thanks, Chandra. ======================================================================== ======== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ======================================================================== ======== Attachment:
smime.p7s
|