|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] SecureRemote/SecureClient on win9x w/ NT authenticatio n..
Well, it doesn't appear to be so much that their authentication isn't going through, but that they aren't even prompted for it in the first place. The logs don't show any drops, and we're allowing all protocols from tunneled clients just to be safe for the time being. As for LMHosts, we'd prefer to use WINS as our information changes somewhat regularly, and LMHOSTS files can get to be a management nightmare. -----Original Message----- From: Stuart Teo [mailto:[email protected]] Sent: Tuesday, November 20, 2001 10:50 AM To: [email protected] Subject: Re: [FW-1] SecureRemote/SecureClient on win9x w/ NT authentication.. Hi, Have you looked at the firewall logs to see why (I assume) NT domain authentication doesn't go through? Does the logs show that NBT packets are accepted and allowed through? Do you have LMHOSTS file in your Win9x clients that thell them who is the PDC? Regards, Stuart Jarmoc, Jeff wrote: > My company has been experiencing some problems with > SecureRemote/SecureClient running on win9x clients. Over the past few > months, we've been rolling out Firewall-1, and we're at the stage in > the game where we want to start using Secure Remote. However, we've > encountered a pretty serious problem. It seems to work fine on > WinNT/2000 clients, but on 95, 98, Me, etc.. we're having quite a bit > of trouble. > > > The problem is this. A user who dials up to their ISP, can connect > and successfully authenticate to the firewall via secureremote. > However, this only gives them an IP level connection. What we need is > for them to be able to log on to our NT domain, so they can access > file servers, Exchange and SQL applications, etc. NT and 2000 clients > don't appear to have any trouble, presumably because of these OS's > ability to cache credentials and other security differences. Also, 95 > and 98 users who are on cable, DSL, or other always-on internet > connections don't appear to have any problem. I'm assuming the > problem lies in the fact that the users need to first authenticate to > their ISP, then authenticate to our domain. Apparently 9x doesn't > like this process. > > > Has anyone successfully gotten this to work with 95 and/or 98? Our > reseller has been less than helpful, and checkpoint themselves have > been of little help so I'm really hoping someone out there can help me > with this. Secure Remote is one of the biggest reasons we bought this > product, and our difficulties in getting it working have not been > received well by management, nor have our reseller's lack of follow > through on helping with these problems. It's to the point where it'll > be a tough sell to keep Checkpoint in place if this isn't resolved > soon. I've tried the usual resources - Phoneboy.com, Nokia's web > site, Checkpoint and Reseller support, so my posting here is really a > last effort. > > > > Our firewalls are Nokia IP 650s, running IPSO 3.4.1 and Firewall-1 > SP3. We've tried every available secureremote build with the same > result. If anyone wants any further information I'd be more than > happy to provide it. > > > > Thanks in advance for your assistance. > =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html =============================================== =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
