i am using fw-1 on nt .it is working fine.but i want to configre it to
as follows
set of people only for email access set of people only
for internet access
i ty like this
i create user i create
groups if i put rules and servises it is not working
clients are using
tcp/ip .how i popup password if their are try to
access internet.
plese try to advise me
saman
----- Original Message -----
Sent: Monday, November 26, 2001 10:41
PM
Subject: Re: [FW-1]
SecureRemote/SecureClient on win9x w/ NT authenticatio n..
Oops.. typo there. I meant IPSO 3.4.1 and Checkpoint
4.1-SP5. Good catch!
Jeff,
Are you really running IPSO 3.4.1 and CheckPoint 4.1-SP3
? Sorry to say but this is not
supposed to be supported 3.4.1 is for CP 4.1-SP5 ... SP3 was
running on IPSO 3.3
Met vriendelijke groeten - Bien � vous - Kind
regards
Guy ROELANDTS EMEA GS Internet Expertise Centre - CCSA &
CCSE Compaq Software Engineer -
Belgium E-mail : [email protected] Tel: +32(02)729.77.44 (options 3 - 3 -
1) Fax:
+32(02)729.77.65
======================================== This message may contain confidential and/or
proprietary information, and is
intended only for the person/entity to whom it was
originally addressed. The content of
this message may contain private views and opinions which do not constitute a formal disclosure or
commitment unless specifically stated.
Should you receive this message by mistake please inform the sender immediately. =======================================
My company has been experiencing some problems with
SecureRemote/SecureClient running on win9x clients. Over the past
few months, we've been rolling out Firewall-1, and we're at the stage in
the game where we want to start using Secure Remote. However, we've
encountered a pretty serious problem. It seems to work fine on
WinNT/2000 clients, but on 95, 98, Me, etc.. we're having quite a bit of
trouble.
The problem is
this. A user who dials up to their ISP, can connect and
successfully authenticate to the firewall
via secureremote. However, this only gives them an IP level
connection. What we need is for them to be able to log on to our NT
domain, so they can access file servers, Exchange and SQL applications,
etc. NT and 2000 clients don't appear to have any trouble,
presumably because of these OS's ability to cache credentials and other
security differences. Also, 95 and 98 users who are on cable, DSL,
or other always-on internet connections don't appear to have any
problem. I'm assuming the problem lies in the fact that the users
need to first authenticate to their ISP, then authenticate to our
domain. Apparently 9x doesn't like this process.
Has anyone
successfully gotten this to work with 95 and/or 98? Our reseller has
been less than helpful, and checkpoint themselves have been of little help
so I'm really hoping someone out there can help me with this. Secure Remote is one of the
biggest reasons we bought this product, and our difficulties in getting it
working have not been received well by management, nor have our reseller's
lack of follow through on helping with these problems. It's to the
point where it'll be a tough sell to keep Checkpoint in place if this
isn't resolved soon. I've tried the usual resources - Phoneboy.com,
Nokia's web site, Checkpoint and Reseller support, so my posting here is
really a last effort.
Our firewalls are Nokia IP 650s, running IPSO
3.4.1 and Firewall-1 SP3. We've tried every available secureremote
build with the same result. If anyone wants any further information
I'd be more than happy to provide it.
Thanks in advance for your
assistance.
|