Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] ACE/Server v5 with Checkpoint authentication?

To: [email protected]
Subject: Re: [FW-1] ACE/Server v5 with Checkpoint authentication?
From: Scott Friedman <[email protected]>
Date: Wed, 15 May 2002 09:05:20 -0400
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Make sure the generic* user is configured for Hybrid IKE (not FWZ) and
you have IKE selected in the client
Also make sure you have "Exportable for SecuRemote" checked on the FW
object

and sdconf.rec is to be put in /var/ace off the root

Scott J. Friedman, MCSE CCSE CCNA
Security & Cisco Routing Engineer
LDMI / Ideal Technology Solutions, U.S.
Email : [email protected]
Phone :www.itsusnow.com
www.ldmi.com

>>> [email protected] 05/15/02 06:37AM >>>
Hi Scott,

When I try to connect using SecureClient from our public internet
network, I get the following entry in the log.

;log;accept;;hme0;inbound;tcp;;FW1_topo;1050;44;0;;;;;;;;;;;;;;;;;;;;;;;;;;
;log;reject;;daemon;inbound;ip;;;;;0;;;;;;;;;;;Refused Topology
request.
Authentication scheme not allowed for user

The RSA Server is up and running and I have copied the sdconf.rec to
/var/ace on the server or should that be a var/ace under FW1
directory?

I configured FW-1 so that there is a user generic* which is
authenicated
using SecurID following the instructions provided by RSA.

Any suggestions?

Regards

Russell
--
Network and Systems Administrator           Flomerics Ltd
Email: russell.aspinwall at flomerics.co.uk 81 Bridge Road
Telephone: 020-8941-8810 x3116              Hampton Court
Facsimile: 020-8941-8730                    Surrey, KT8 9HH, UK

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: Re: [FW-1] IPSO info
Next by Date: Re: [FW-1] IPSO info
Previous by thread: Re: [FW-1] ACE/Server v5 with Checkpoint authentication?
Next by thread: [FW-1] Policy Editor and SR on same machine?
Index(es):
- Date
- Thread