[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] LDAP issue with checkpoint
You need account management license. Wayne --- Ramakrishnan Pillai <[email protected]> wrote: > My understanding was that you need Account Managment > license only if you > have to manage LDAP users from the FW console. Am I > wrong? I am also > trying to implement LDAP authentication with little > success. > > Regds, > RK > > >>> [email protected] 08/06/03 12:27PM >>> > You need to either have SmartCenter PRO or an > Account Management > Module > license added to your Mgmt station > > Daniel Samaan > Technical Security Consultant > CCSP, CCSE, CCNA, CCA, MCSE+I > Cell:> [email protected] > > --------------------------------------------------------------------- > Forsythe Solutions > 5440 W. Fargo Avenue > Skokie, IL 60077 > www.forsythesolutions.com > > Building cost-effective IT infrastructure that > organizations trust. > > > > |---------+--------------------------------------------> > | | Bruno Cesar Fernandes Ferraco > - | > | | Bruno > <[email protected]> | > | | Sent by: Mailing list for > | > | | discussion of Firewall-1 > | > | | > <[email protected]| > | | KPOINT.COM> > | > | | > | > | | > | > | | 08/06/2003 12:59 PM > | > | | Please respond to Mailing list > | > | | for discussion of Firewall-1 > | > |---------+--------------------------------------------> > > >----------------------------------------------------------------------------------------------| > | > | > | To: > [email protected] > | > | cc: > | > | Subject: [FW-1] LDAP issue with > checkpoint > | > > >----------------------------------------------------------------------------------------------| > > > > > Hi , > > I am trying to configure my Checkpoint NG FP1 to use > my Novell > Edirectory > to authenticate my users via LDAP. > My question is . I need to have license to do it , > or only config my > LDAP > account Unit? > > Regards, > > Bruno Ferraço > CST - Companhia Siderurgica de Tubarão > > >>> [email protected] 06-08-2003 12:28:45 >>> > > Hi, > > You didn't mension anything about drops or accepts > on the logs of the > firewall so i'll try and guess your problem here. > > ASF is not a platform that i know by the way... > > I'm guessing you see accepts in the logs of your > firewall > bootpc and bootps are the basic services to DHCP > > bootpc is UDP/68 wich is used by the server on > replys to the client > bootps is UDP/67 wich is used by the client when he > broadcasts a > request > (Not sure, but it can be the other way around) > Anyways you need this two ones at least. > > Another thing, and this as got nothing to do with CP > Your gateway must have a bootp_relay agent or must > support this, if > not > you will not be able to relay the requests from one > interface to > another. > In other words with bootp_relay agent you will route > any dhcp requests > to a server inside your firewall. > > The best way is to setup a gateway first without > thinking about > Firewalling, and put bootp_relay to work...then you > think about > firewall. > > This is just a guess, anyway, if you allready have > bootp_relay and > tested it before and worked, then i'm sorry for the > inconveniance. > > hope i could be of any help anyways, > > CS > > >-----Original Message----- > >From: Mailing list for discussion of Firewall-1 > >[mailto:[email protected]] > On Behalf > >Of Imran Obaidullah M > >Sent: Wednesday, 06 August, 2003 14:51 > >To: [email protected] > >Subject: [FW-1] DHCP issue with checkpoint > > > > > >Dear frds, > >During my lab setup i am having the prob which i am > unable to > >troubleshoot. > >I have a DHCP client on Router (Cisco product) and > DHCP server (Cisco > >Product).I am keeping DHCP client outside the > firwall while > >DHCP server is > >inside the firewall.The rule base is any nay any > allports allow.I > have > >created all ports group which contains all the > services. DHCP > >server client > >uses follwoing ports. > >Time of day, bootp,tftp. > >I have seen and confirmed twice that above ports > are included > >in the service > >group. I am still not able to establish the > communication between > DHCP > >client and the DHCP server across the firewall. I > can confirm that > when > >modem comes online right now modems are stuck in > the initd mode. > >PLease let me know if u have any solution. > >I am using ASF 5105 2.2.1.0a FP3. > >Note I am configuring DHCP server address in the IP > helper. > > > >Regards > >vj > > > >================================================= > >To set vacation, Out-Of-Office, or away messages, > >send an email to [email protected] > >in the BODY of the email add: > >set fw-1-mailinglist nomail > >================================================= > >To unsubscribe from this mailing list, > >please see the instructions at > >http://www.checkpoint.com/services/mailing.html > >================================================= > >If you have any questions on how to change your > >subscription options, email > >[email protected] > >================================================= > > > > === message truncated === __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|