| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] META IP UAM Integration
Chandra,
This cannot be made to work currently - checkpoint knowledgebase
helpfully states:
Solution: SSO Client Authentication does not work when using an
HTTP resource (10000.0.271)
A solution is not available at this time. Currently under
investigation.
Problem Description
SSO Client Authentication does not work when using an HTTP resource
The problem is in the fact that Authentication is an Action...
Ilya Akinfiev Security Engineer
SiegeWorksx 201
-----Original Message-----
From: [email protected]
[mailto:[email protected]]On Behalf Of
Mouliswaran, Chandra
Sent: Tuesday, May 15, 2001 7:16 AM
To: [email protected]
Subject: [FW1] META IP UAM Integration
Hi all,
We successfully integrated the Meta IP UAM service with firewall
service. We
could see the NT domain user name appearing on the log viewer.
My question is,
We defined a rule as shown below.
Usergroup@Network Any http->UFPserver ClientAuth Long
When we try to use UFP server(WebSense server) with Usergroup in the
source
and
action as 'Client Auth', it allows all the sites. It is not blocking the
restricted sites. How to block sites based on user group using UFP
server?
We can't have 'Reject' in the action column when we use
Usergroup@network as
the source.
If we have a rule with source as 'Usergroup@Network' and action as
'Reject',
it gives error message when we try to verify and install the rule base.
The error message is 'Rule n: User Groups are allowed only on
Authentication
Rules'.
We can only have 'Client Auth' as action when we use Usergroup@Network
as
the source.
Any ideas?
Thanks,
Chandra.
========================================================================
========
To unsubscribe from this mailing list, please see the instructions
at
http://www.checkpoint.com/services/mailing.html
========================================================================
========
Attachment:
smime.p7s
Description: S/MIME cryptographic signature
|
|
