[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Red Hat Version
I was not going to answer the question, because saman kumara dissanayake didn't mind to post his question about 20 times, all with inappropriate subject lines. But now that he's getting wrong answers, I think I'd better correct them. I G schrieb: > > saman kumara dissanayake wrote: > > > i am using fw-1 on nt .it is working fine.but i want to configre it to as > > follows > > > > set of people only for email access > > set of people only for internet access > > > > i ty like this > > > > i create user > > i create groups > > if i put rules and servises it is not working > > > > clients are using tcp/ip .how i popup password if their are try to access > > internet. > > > > plese try to advise me > > > > saman > > > > As far as i know, you cant do it by FW-1. Because this subject belongs > to HTTP and SMTP authentication. Of course you can do that with FW-1. And saman is on the right way. The rules he has to use are (assuming groups and users are created): 1. http-user-group any http->http-resource user-authentication 2. http-user-group any http->http-resource reject The users must configure their browsers to use the FW as proxy. The resources have to be configured properly. Rule 1 asks the users in the group http-user-group for username/password before the connection is allowed. Rule 2 just prevents to fall back to a less restrictive rule if one exists. > > you can set up this with proxy-authentication. Use smtp and http proxy > which include authentication method to get you want. FW-1 provides user authentication for http, ftp, smtp and telnet. Did I forget a protocol? > > Best regards, > Ilker G. Mit freundlichen Grüßen/Kind regards Jörg Oertel -- Joerg Oertel Tel:02225/8820 MOSAIC SOFTWARE AG Fax:02225/882201 Feldstraße 8 e-mail:[email protected] 53340 Meckenheim www.mosaic-ag.com =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
|