NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] LDAP issue with checkpoint



My understanding was that you need Account Managment license only if you
have to manage LDAP users from the FW console.  Am I wrong?  I am also
trying to implement LDAP authentication with little success.

Regds,
RK

>>> [email protected] 08/06/03 12:27PM >>>
You need to either have SmartCenter PRO or an Account Management
Module
license added to your Mgmt station

Daniel Samaan
Technical Security Consultant
CCSP, CCSE, CCNA, CCA, MCSE+I
Cell:[email protected]

---------------------------------------------------------------------
Forsythe Solutions
5440 W. Fargo Avenue
Skokie, IL 60077
www.forsythesolutions.com

Building cost-effective IT infrastructure that organizations trust.



|---------+-------------------------------------------->
|         |           Bruno Cesar Fernandes Ferraco -  |
|         |           Bruno <[email protected]>  |
|         |           Sent by: Mailing list for        |
|         |           discussion of Firewall-1         |
|         |           <[email protected]|
|         |           KPOINT.COM>                      |
|         |                                            |
|         |                                            |
|         |           08/06/2003 12:59 PM              |
|         |           Please respond to Mailing list   |
|         |           for discussion of Firewall-1     |
|---------+-------------------------------------------->

>----------------------------------------------------------------------------------------------|
  |
                         |
  |       To:       [email protected]
                         |
  |       cc:
                         |
  |       Subject:  [FW-1] LDAP issue with checkpoint
                         |

>----------------------------------------------------------------------------------------------|




Hi ,

I am trying to configure my Checkpoint NG FP1 to use my Novell
Edirectory
to authenticate my users via LDAP.
My question is . I need to have license to do it , or only config my
LDAP
account Unit?

Regards,

Bruno Ferraço
CST - Companhia Siderurgica de Tubarão

>>> [email protected] 06-08-2003 12:28:45 >>>

Hi,

You didn't mension anything about drops or accepts on the logs of the
firewall so i'll try and guess your problem here.

ASF is not a platform that i know by the way...

I'm guessing you see accepts in the logs of your firewall
bootpc and bootps are the basic services to DHCP

bootpc is UDP/68 wich is used by the server on replys to the client
bootps is UDP/67 wich is used by the client when he broadcasts a
request
(Not sure, but it can be the other way around)
Anyways you need this two ones at least.

Another thing, and this as got nothing to do with CP
Your gateway must have a bootp_relay agent or must support this, if
not
you will not be able to relay the requests from one interface to
another.
In other words with bootp_relay agent you will route any dhcp requests
to a server inside your firewall.

The best way is to setup a gateway first without thinking about
Firewalling, and put bootp_relay to work...then you think about
firewall.

This is just a guess, anyway, if you allready have bootp_relay and
tested it before and worked, then i'm sorry for the inconveniance.

hope i could be of any help anyways,

CS

>-----Original Message-----
>From: Mailing list for discussion of Firewall-1
>[mailto:[email protected]] On Behalf
>Of Imran Obaidullah M
>Sent: Wednesday, 06 August, 2003 14:51
>To: [email protected]
>Subject: [FW-1] DHCP issue with checkpoint
>
>
>Dear frds,
>During my lab setup i am having the prob which i am unable to
>troubleshoot.
>I have a DHCP client on Router (Cisco product) and DHCP server (Cisco
>Product).I am keeping DHCP client outside the firwall while
>DHCP server is
>inside the firewall.The rule base is any nay any allports allow.I
have
>created all ports group which contains all the services. DHCP
>server client
>uses follwoing ports.
>Time of day, bootp,tftp.
>I have seen and confirmed twice that above ports are included
>in the service
>group. I am still not able to establish the communication between
DHCP
>client and the DHCP server across the firewall. I can confirm that
when
>modem comes online right now modems are stuck in the initd mode.
>PLease let me know if u have any solution.
>I am using ASF 5105 2.2.1.0a FP3.
>Note I am configuring DHCP server address in the IP helper.
>
>Regards
>vj
>
>=================================================
>To set vacation, Out-Of-Office, or away messages,
>send an email to [email protected]
>in the BODY of the email add:
>set fw-1-mailinglist nomail
>=================================================
>To unsubscribe from this mailing list,
>please see the instructions at
>http://www.checkpoint.com/services/mailing.html
>=================================================
>If you have any questions on how to change your
>subscription options, email
>[email protected]
>=================================================
>


Trusted Systems - http://www.trusted.pt
Praça de Alvalade, n.º 6 - 6.º piso
1700-036 Lisboa, PORTUGAL
Tel: +00
Fax: +42

--

A presente mensagem pode conter informação considerada confidencial.
Se o receptor desta mensagem não for o destinatário indicado, fica
expressamente proibido de copiar ou endereçar a mensagem a terceiros.
Em tal situação, o receptor deverá destruir a presente mensagem e por
gentileza informar o emissor de tal facto.

Privileged or confidential information may be contained in this
message. If you are not the addressee indicated in this message, you
may not copy or deliver this message to anyone. In such case, you
should destroy this message and kindly notify the sender by reply
email.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

uut bootp_relay to work...then you t

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



--------------------------------------------------------------------------------------------------------------------
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom
they are addressed.
If you have received this email in error please notify the
originator of the message. This footer also confirms that this
email message has been scanned for the presence of computer viruses.

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.