[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] RADIUS/SECURID - FW1 Authentication
ACE 5. is buggy for an agent with multiple NICs. ACE 5 expects the hostname to be assigned to the NIC that is used to communicate with the ACE server. If you have the ACE 4.0 distribution, use that on the firewall. /opt/ace/prog/sdshell will work for setting the node secret, et.al. Since the FW has version 3.3 or 4.0 libraries, it is probably OK. If you have any replica server and can turn it off, turn it off while you are trying to get the FW to work. It takes 5 minutes for the replica to get the node secret. greg Justin Derry wrote: > > We are using client or session authentication on our checkpoint fw1 4.1 > service pack 5 > servers. we have started to use securID integrated with radius server from RSA. > > The first authentication works great and authenticates the user however the > second authentication > is dropped by the firewall stating reason access by RADIUS denied. The ace > server is not allowing the second authentication. > > Anyone had this problem. Why is the firewall even making a second request > to the radius server once the > user has been authenticated.?? > > Anyone seen anything like this or had a similar problem. Appreciate > everyone's feedback > > Cheers > Justin > > =============================================== > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > =============================================== -- _______________________________________________________________ Greg Polanski mailto:[email protected] ADC Telecommunications, IncMSFAX PO Box 1cell/pager Minneapolis, MN [email protected] _______________________________________________________________ =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
|