[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] radius help
Norman, - Make sure you're not natting the communication between the firewall and the radius server. - Make both the internal nic and the licensed nic a radius client. I have setup working configs with both FP2 and FP3 to NT4 and w2k IAS. Lars > -----Original Message----- > From: Norman Zhang [mailto:[email protected]] > Sent: Friday, March 07, 2003 17:06 > To: [email protected] > Subject: [FW-1] radius help > > > Hi, > > I have done some further troubleshooting. I see the RAIDUS > packets from port > 1645 that originate from firewall to RADIUS server received > reject. But > behind the LAN on a different machine in the same subnet, I > received accept. > My firewall is set to allow outgoing traffic. Are there other > properties > that I need to set in NG FP3? > > Regards, > Norman > > ----- Original Message ----- > From: "Norman Zhang" <[email protected]> > To: <[email protected]> > Sent: Monday, March 03, 2003 5:45 PM > Subject: [FW-1] radius help > > > Hi, > > I had this working in 4.1 but I can't get RADIUS to work in NG FP3. I > installed IAS from NT 4.0 Option Pack then applied midcamp.exe and > iassp6-x86.exe from MS. > > My firewall rule is > > localusers@LAN -->any-->any-->http-->user authentication > > The RADIUS clients file is setup as > > FWIntIP mySecret > > and users as > > DEFAULT > Internal-Proxy-Server = "DLL C:\Program Files\IAS\authsam.dll" > Framed-Protocol = PPP > Framed-Routing = Send > Service-Type = Framed > > Event Viewer displays the following with Event ID: 8207, > Source: AuthSrv, > Type: Warning, Category: Malformed Packet > > Unknown Client: Source = FWIntIP:2912 > Code = Access-Request > Identifier = 64 > User-Name = InternalUser > Password = ****** > Service-Type = Authenticate-Only > NAS-IP-Address = FwExtIP > > Would someone please give some pointers here? > > Regards, > Norman > > --- > > Hi, > > I have a RADIUS on a NT 4.0 BDC. I need to able to > authenticate NG FP3 with > the RADIUS, but I seem to forget what settings that I need to > change the > users file. I tried to follow, > > DEFAULT Auth-Type = System, User-Service-Type = Login-User > > as described in > http://www.phoneboy.com/fom/fom.pl?_highlightWords=radius&file =435. But those two attributes does not seem to exist in RADIUS (I'm using the one came with NT 4.0 Option Pack (with appropriate fixes). Does anyone remember what I need to change in the configuration file to get this working? ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|