Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Red Hat Version

To: [email protected]
Subject: Re: [FW-1] Red Hat Version
From: Jörg Oertel <[email protected]>
Date: Wed, 28 Nov 2001 10:26:08 +0100
Organization: MOSAIC SOFTWARE AG
References: <[email protected]> <001b01c17760$781df700$0a1cdcc1@ns1> <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

I was not going to answer the question, because saman kumara dissanayake
didn't mind to post his question about 20 times, all with inappropriate
subject lines.

But now that he's getting wrong answers, I think I'd better correct
them.

I G schrieb:
>
> saman kumara dissanayake wrote:
>
> > i am using fw-1 on nt .it is working fine.but i want to configre it to as
> > follows
> >
> > set of people only for email access
> > set of people only for internet access
> >
> > i ty like this
> >
> > i create user
> > i create groups
> > if i put rules and servises it is not working
> >
> > clients are using tcp/ip .how i popup password if their are try to access
> > internet.
> >
> > plese try to advise me
> >
> > saman
> >
>
> As far as i know, you cant do it by FW-1. Because this subject belongs
> to HTTP and SMTP authentication.

Of course you can do that with FW-1. And saman is on the right way.

The rules he has to use are (assuming groups and users are created):

1. http-user-group     any      http->http-resource
user-authentication
2. http-user-group     any      http->http-resource      reject

The users must configure their browsers to use the FW as proxy. The
resources have to be configured properly.

Rule 1 asks the users in the group http-user-group for username/password
before the connection is allowed. Rule 2 just prevents to fall back to a
less restrictive rule if one exists.

>
> you can set up this with proxy-authentication. Use smtp and http proxy
> which include authentication method to get you want.

FW-1 provides user authentication for http, ftp, smtp and telnet. Did I
forget a protocol?

>
> Best regards,
> Ilker G.

Mit freundlichen Grüßen/Kind regards
Jörg Oertel

--
Joerg Oertel            Tel:02225/8820
MOSAIC SOFTWARE AG      Fax:02225/882201
Feldstraße 8            e-mail:[email protected]
53340 Meckenheim        www.mosaic-ag.com

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

Follow-Ups:
- Re: [FW-1] Red Hat Version
  - From: I G <[email protected]>

References:
- [FW-1] Red Hat Version
  - From: "Andrade Guerra, Marcelo" <[email protected]>
- Re: [FW-1] Red Hat Version
  - From: saman kumara dissanayake <[email protected]>
- Re: [FW-1] Red Hat Version
  - From: I G <[email protected]>

Prev by Date: Re: [FW-1] SecureClient and NAT at Client end
Next by Date: [FW-1] Citrix trough securemote NG
Previous by thread: Re: [FW-1] Red Hat Version
Next by thread: Re: [FW-1] Red Hat Version
Index(es):
- Date
- Thread