| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] Transparent User Auth?
- To: [email protected]
- Subject: Re: [FW-1] Transparent User Auth?
- From: Lars Troen <[email protected]>
- Date: Tue, 25 Feb 2003 21:17:54 +0100
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-index: AcLdCDj0t0DkcS63Qae7lUVUtnJXfgAAe8fT
- Thread-topic: [FW-1] Transparent User Auth?
It's possible to do this, but you need an addon, but it's not exactly a third party addon as it's Checkpoint software, namely MetaIP.
Other and cheaper ways of solving this particular problem would be to use a proxy server that could utilise transparent user authentication. Both MS Proxy/ISA Server and Squid (with compiled in addons for AD and SMB) could do this.
The simplest way would however be to restrict the access of the computers these users are using from accessing the internet. This could be done by assigning predefined ip addresses to these computers that would have a blocked access rule on the firewall or you I guess you could do it with some creative use of group policies.
Lars
-----Original Message-----
From: Hamilton, Kent [mailto:[email protected]]
Sent: Tue 25-Feb-03 7:18 PM
To: [email protected]
Cc:
Subject: [FW-1] Transparent User Auth?
We use FW-1 NG SP2 on Secure Platform with mixed NT domains and Active
Directory (Migrating to AD only).
I've been asked to block specific users from browsing the web without
forcing them to log in manually through the firewall. Is that possible
without third party add-on's?
I asked our vendor last week and haven't gotten an answer.
Any help/suggestions appreciated.
--
Kent Hamilton <Khamilton(at)Hunter.COM>
Manager - Systems & Networking
Hunter Engineering Company
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
�è±ëoiÆŠ‰ÎÓ9÷âqê+k�²™ë,j�¬±éÝjw¦j)m ²�M!�VX¬¶Ër�œ’š"ž×(š)í…àN
Š�¶�ž™¨¥i×lz×ðÖf¢–)à–+-ž‰šŠTèº{.nÇ+‰·Ÿ®‰†+&j)bž b²Úey«�±çèÚîr؞ƆÛiÿü0ÁÈ^rJhŠ{\¢oìz»âqë?™¨¥Šx!¶iH*.…«Þj|ª¹ë-Š‰ì¢xhÂÚ�…©à{*.®Ë±Êâ¦ØžŠmŠ‰ìzf¢•ü5£ ÞÛ�…ç$¦ˆ§µÊ&
|
|
