[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: RE: [FW1] Re: RE: Radius authentication - What shows the eventvie wer?
May be, the problem with Radius server i agree.but i am running cisco secure.i just have made a windows 2000 advanced server as a radius server.also i used the same machine as a radius server for pix.it was working fine.now i am sure that i made the necessary changes for fw-1,actually it is only the name matters and the client's ip address as fw-1 's directly connected interface's ip. if again you feel that the problem may be with raidus server, i will send the exact details of how i configured the radius server. thanks mohamed. On Wed, 03 Oct 2001 Neil Burfoot wrote : > I had exactly this problem with Radius trying to get > FW-1 4.1 SP4 to > authenticate too our NT4 PDC running Cisco Secure ACS > 2.5 (Radius Server). > The request got to the PDC but just seemed to die > there. I put Cisco Secure > 2.4 on my laptop and used this as the Radius server and > FW-1 authenticated > the user first time. I therefore suspect that its not > FW-1 that you have the > problem with but the Radius Server. > > -----Original Message----- > From: mohamed maraikayar [mailto:[email protected]] > Sent: Thursday, September 27, 2001 11:46 AM > To: Samuel Wuethrich > Cc: [email protected] > Subject: [FW1] Re: RE: Radius authentication - What > shows the > eventviewer? > > > > > > > I thorougly checked the event viewer for any logs, no > such logs relating to > IAS.I have also configured to log sucessful and > unsucessful attempts in > Win2k.I disconnected the cable from fw-1 and radius > server, which showed no > difference.I even tried with radius version 1,2 then > new radius.there are no > differece in behaviour.I searched the mailing lists > also.i need a help from > you all, > thanks > mohamed. > > On Thu, 27 Sep 2001 Samuel Wuethrich wrote : > > Take a look at the W2000 eventviewer, what does it > > shows related to the > > Radius Service? Perisonally, I've seen that the > > firewall request was > > originating from the inside n > > > > SAM > > > > -----Original Message----- > > From: mohamed maraikayar [mailto:[email protected]] > > Sent: Mittwoch, 26. September 2001 14:58 > > To: Brockhoven,Werner > > Cc: [email protected] > > Subject: [FW1] Re: RE: Radius authentication > > > > > > > > > > I havent added any rules till now.now i added 2 rules, > > > from firewallgateway > > to raduis server any is allowed and vice versa.Still > i > > recieve the same > > error.i configured a rule as " allusers@any ftp-serv > > ftp userauth gateway " > > and in the user properties, i enabled radius > > authentication for a user,say > > mohd.when i ftp to ftp-serv,i get a prompt bcoz of > of > > user authentication > > rule.i entered the username mohd,that is to be > > authenticated by radius > > server.so fw-1 gave a prompt, "radius password:" ,i > > typed the password.then > > it took some 10 seconds time and displayed,"radius > > servers not responding".i > > disconnected the cable from fw-1 to radius server and > > tried again,i got the > > same error.so i can now conclude that there is some > > thing missing in the > > configuration of fw-1 or fw-1 related.any clues ? > > thanks > > mohamed. > > > > On Wed, 26 Sep 2001 Brockhoven, Werner wrote : > > > Hi, > > > > > > Do you have a rule to allow communication between > the > > > radius and the FW-1 ? > > > What do you get in t > ou to send mails to the > > > checkpoint mailing list > > > and not directly to me personally. > > > > > > Regards, > > > > > > Werner > > > > > > > > > -----Original Message----- > > > From: mohamed maraikayar > [mailto:[email protected]] > > > Sent: Wednesday, September 26, 2001 12:41 PM > > > To: Brockhoven, Werner > > > Subject: Radius authentication > > > > > > > > > > > > Sorry, i am sending you a third mail.Now i have > made > > a > > > win 2000 advanced > > > server as radius server.i have done the necesary > > > configurations , us > server > > > group etc.The win NT > > > (SP4), i have installed checkpoint 4.1 (SP2).i have > > > defined the radius > > > server,shared key etc in check point also.but the > > error > > > i get is,"Radius > > > server not responding" , i searched mailing list > also, > > > > > but didnt get the > > > answer.what may be the problem ? > > > thanks, > > > mohamed. > > > > > > > > > > > > > > > > ======================================================- > ==- > > ==================== > > ==== > > To unsubscribe from this mailing list, please > see > > the instructions at > > http://www.checkpoint.com/services/mail- > in- > > g.html > > ======================================================- > ==- > > ==================== > > ==== > > > > > ========================================================- > ==================== > ==== > To unsubscribe from this mailing list, please see > the instructions at > http://www.checkpoint.com/services/mailin- > g.html > ========================================================- > ==================== > ==== > > > > ========================================================- > ==================== > ==== > To unsubscribe from this mailing list, please see > the instructions at > http://www.checkpoint.com/services/mailin- > g.html > ========================================================- > ==================== > ==== > > > > ========================================================- > ==================== > ==== > To unsubscribe from this mailing list, please see > the instructions at > http://www.checkpoint.com/services/mailin- > g.html > ========================================================- > ==================== > ==== > > > ********************************************************- > ************** > The information transmitted in this email is intended > only for the person to > > whom it is addressed and may contain confidential > and/or privileged > material. > Any review, retransmission, dissemination or other use > of, or taking of any > action in reliance upon, this information other than by > the intended > Recipient is prohibited. If you receive this email in > error, please contact > the sender and delete the material from any computer. > > Communications transmitted over the Internet are not > secure. The process of > transmission may have infected the message and its > contents with a computer > virus. Eurodata Systems plc will not accept > responsibility for any damage > caused to the recipients computer systems when the > message or contents are > opened. > ********************************************************- > ************** > This message has been checked for all known viruses by > ESafe > > ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|