| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW-1] FP3 NAT and kerberos authentication
- To: [email protected]
- Subject: [FW-1] FP3 NAT and kerberos authentication
- From: Hal Dorsman <[email protected]>
- Date: Tue, 11 Feb 2003 12:32:25 -0700
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-index: AcLR/BpBHGaQ4xJ1QUe+iDClbpcM7QAB0LSw
- Thread-topic: Re: [FW-1] Conflicting IPs for tunnel & Locally connected machines.
I am happy to report that my FP3 install is working
fine. Had numerous problems with getting NAT to work,
but I just deleted everything and started again and
it all worked. Musta fat fingered something. Now
all that is working I have a question about kerberos
auth in case someone has seen this behavior. I am
testing a MS Terminal Server from my DMZ, and am having
trouble getting it to authenticate to my AD in my internal
net. I have all the ldap and stuff working, but Windows
auth wants to use Kerberos which is getting dropped for
some reason. If I set an 'any' rule from my TS to internal,
everything works, Kerberos UDP passes fine, but obviously
I don't want this. When I add in services individually my
Kerberos gets dropped. The only type I see is UDP. It seems
very odd that it passes with any, but gets dropped when
specifically allowed.
Something I am missing here?
Thanks,
Hal
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
|
|
