|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Remote access through FW-1
Crystal, In that case your best bet would be to use Client Authentication, altho if memory serves me right, it doesn't support https. But then, if you put in SR, you don't need https and you'll be fine. Mike > -----Original Message----- > From: [email protected] [SMTP:[email protected]] > Sent: ã éåðé 20 2001 9:14 > To: [email protected] > Cc: [email protected] > Subject: RE: [FW1] Remote access through FW-1 > > Thanks Mike, > > Initially around 20 users, afterwards about 150 users. When the user goes > to > the URL of the OWA on the Web server after putting in the alias, the NT OS > login screen pops up to access the mailbox, which is internal. I am > running > SSL and https on the Web server for OWA. Right now encryption is not a > major > importance just authentication through the firewall before access OWA. > > Thanks, > > Crystal > > -----Original Message----- > From: Mike Glassman - Admin [mailto:[email protected]] > Sent: Wednesday, June 20, 2001 9:47 AM > To: '[email protected]'; [email protected] > Subject: RE: [FW1] Remote access through FW-1 > > Crystal, > > This really depends on how many users you have. > > What sort of authentication are you asking for at the moment ? (If any). > What I mean is, do your users get the NT-OS login screen popup when they > try > to access their mailboxes ? > > If you have a smallish group of users, you can define them in the FireWall > and use Client Authentication when they try to access the OWA server, that > way they will have an additional username and password to enter. Of > course, > there are drawbacks to this, the first being that the more users you have > the harder to manage it becomes, and the second being that the moment your > users start having multiple usernames and passwords, chances are they will > start writing it down somewhere - which does go against the whole idea. > > The other option is as you say, to use SR on the Laptops and WS's, and add > the OWA server to your secured servers list, and thus have all > communication > between the Laptop/WS be encrypted. Again, this setup will force you to > define all the users as per the first suggestion. > > So your options as far as I see it, would be to either use SR for > encryption, or use User Auth without encryption. > > Oh yes, there's also the option of using SSL and https instead of http > access. > > Someone else might think of other ideas. > > Mike > > > -----Original Message----- > > From: [email protected] [SMTP:[email protected]] > > Sent: â éåðé 19 2001 14:45 > > To: [email protected] > > Subject: [FW1] Remote access through FW-1 > > > > We are allowing our users to access the MS Outlook WebAccess on our DMZ. > > Management would like additional authentication before access the web > > server. > > How could I use FW-1 to perform this. Could I use the client > > authentication > > to create users or groups or do I have to have the clients use > > SecureRemote > > from there home pc's or laptops to do this? > > > > Thank you, > > > > Crystal Al-Shatti > > Enterprise Network Security > > Gulf Investment Corporation, Kuwait > > [email protected] << File: InterScan_Disclaimer.txt >> << File: > InterScan_Disclaimer.txt >> ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
