Hi
Carlos,
Thank you for the reply. I
would like to comment on a few suggestion you made..
I
sorry if I'm getting this wrong and I don't know much about
ActivPack but seems to me that you are
choosing the wrong authentication method on the ActivPack DB it
self. We
are using LDAP and the DB / repository and we can't change the auth method from
dynamic password to static as this defeat's the object our
exercise. If
you plan to use the Internal Passwords of ActivPack, maybe you
should think about using hybrid-mode
rather then pre-shared secret passwords. This
is not an option that we can configure in Pack it's self but more something that
needs to be done on the FW. If
you plan to use pre-shared secret, ActivPack should have
another password field (just guessing but
it should be called "pre-shared secret") on the users encryption
settings. Again, this is not something that can be configured from a
Pack point of view but rather should be done on the FW (this is how we did it
with FP �) I've worked with LDAP servers and a FW-1 schema must be
added to the LDAP schema for these new fields to be available (at
least with Iplanet LDAP, this is how it works) Will you please be so kind to send me information on
how to do create the FW-1 schema in
LDAP... Don't forget that if using an external user database
that database must hold the encryption settings for
each user. how do I do this? As
I've said I don't really know ActivPack so I'm not able to give you
a clean help on this I'm just telling
you that surely that DB must hold all this info if told you.
______________________________________________ |