[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] FP3 NAT and kerberos authentication
I am happy to report that my FP3 install is working fine. Had numerous problems with getting NAT to work, but I just deleted everything and started again and it all worked. Musta fat fingered something. Now all that is working I have a question about kerberos auth in case someone has seen this behavior. I am testing a MS Terminal Server from my DMZ, and am having trouble getting it to authenticate to my AD in my internal net. I have all the ldap and stuff working, but Windows auth wants to use Kerberos which is getting dropped for some reason. If I set an 'any' rule from my TS to internal, everything works, Kerberos UDP passes fine, but obviously I don't want this. When I add in services individually my Kerberos gets dropped. The only type I see is UDP. It seems very odd that it passes with any, but gets dropped when specifically allowed. Something I am missing here? Thanks, Hal ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|