[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Secure Client & Policy Server Logon
Hi, To me there is a way to 'automatically' logon to the policy server by specifying it in the userc.C file like : :policy_servers (1.2.3.4) Where 1.2.3.4 is the IP address of your Policy Server, but this was obvious and you had understood this ;-)) Met vriendelijke groeten - Bien à vous - Kind regards Guy ROELANDTS EMEA GS Internet Expertise Centre - CCSE-NG Hewlett-Packard Belgium B.V.B.A./S.P.R.L. E-mail : [email protected] Tel: +32(02)729.85.61 Fax: +32(02)729.77.65 ========================================================== This message may contain confidential and/or proprietary information, and is intended only for the person/entity to whom it was originally addressed. The content of this message may contain private views and opinions which do not constitute a formal disclosure or commitment unless specifically stated. Should you receive this message by mistake please inform the sender immediately. ========================================================== -----Original Message----- From: Can2002 [mailto:[email protected]] Sent: 19 July 2003 11:43 To: [email protected] Subject: [FW-1] Secure Client & Policy Server Logon I've configured NG FP3_HF2 on a Nokia box for a client who have purchased licenses for Secure Client. We've configured a desktop security policy and all the normal groups and am able to authenticate using the latest version of Secure Client without problems and can then logon to the policy server. The client wants to use transparent mode rather than connect mode. The problem I'm experiencing is logging onto the policy server automatically when client PCs start up and have not yet authenticated to the policy server. The sequence of events we're encountering is shown below: 1. Laptop starts up, user connects to the Internet via modem. 2. User fires up web browser and attempts to connect to server in ED. 3. User is prompted for SC authentication & enters username/password. 4. User receives notification they've been successfully authenticated. 5. User receives a timeout message from their web browser. 6. User right-clicks on the SC icon abd selects 'Logon to policy server'. 7. User can now connect to resources in the ED. Having searched NG/Maillist archives I've picked up a few ideas including adding a default_ps entry to usersc.C; however this only makes things worse as inbetween being prompted for authentication and a success prompt, I receive an error saying 'SecureClient failed to communicate with Policy Server ???? at site ???.???.???.???'. We enabled the 'Policy is installed on all interfaces' SCV option in global properties, which is obviously what stops the client connecting before logging onto the Policy Server; however the client has specified that they want this option enabled. The client is unhappy with the need for authenticating and then manually logging onto the policy server; has anyone found a way round this? Cheers, Chris ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|