NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] LDAP issue with checkpoint



You need account management license.

Wayne
--- Ramakrishnan Pillai <[email protected]>
wrote:
> My understanding was that you need Account Managment
> license only if you
> have to manage LDAP users from the FW console.  Am I
> wrong?  I am also
> trying to implement LDAP authentication with little
> success.
>
> Regds,
> RK
>
> >>> [email protected] 08/06/03 12:27PM >>>
> You need to either have SmartCenter PRO or an
> Account Management
> Module
> license added to your Mgmt station
>
> Daniel Samaan
> Technical Security Consultant
> CCSP, CCSE, CCNA, CCA, MCSE+I
> Cell:> [email protected]
>
>
---------------------------------------------------------------------
> Forsythe Solutions
> 5440 W. Fargo Avenue
> Skokie, IL 60077
> www.forsythesolutions.com
>
> Building cost-effective IT infrastructure that
> organizations trust.
>
>
>
>
|---------+-------------------------------------------->
> |         |           Bruno Cesar Fernandes Ferraco
> -  |
> |         |           Bruno
> <[email protected]>  |
> |         |           Sent by: Mailing list for
>   |
> |         |           discussion of Firewall-1
>   |
> |         |
> <[email protected]|
> |         |           KPOINT.COM>
>   |
> |         |
>   |
> |         |
>   |
> |         |           08/06/2003 12:59 PM
>   |
> |         |           Please respond to Mailing list
>   |
> |         |           for discussion of Firewall-1
>   |
>
|---------+-------------------------------------------->
>
>
>----------------------------------------------------------------------------------------------|
>   |
>                          |
>   |       To:
> [email protected]
>                          |
>   |       cc:
>                          |
>   |       Subject:  [FW-1] LDAP issue with
> checkpoint
>                          |
>
>
>----------------------------------------------------------------------------------------------|
>
>
>
>
> Hi ,
>
> I am trying to configure my Checkpoint NG FP1 to use
> my Novell
> Edirectory
> to authenticate my users via LDAP.
> My question is . I need to have license to do it ,
> or only config my
> LDAP
> account Unit?
>
> Regards,
>
> Bruno Ferraço
> CST - Companhia Siderurgica de Tubarão
>
> >>> [email protected] 06-08-2003 12:28:45 >>>
>
> Hi,
>
> You didn't mension anything about drops or accepts
> on the logs of the
> firewall so i'll try and guess your problem here.
>
> ASF is not a platform that i know by the way...
>
> I'm guessing you see accepts in the logs of your
> firewall
> bootpc and bootps are the basic services to DHCP
>
> bootpc is UDP/68 wich is used by the server on
> replys to the client
> bootps is UDP/67 wich is used by the client when he
> broadcasts a
> request
> (Not sure, but it can be the other way around)
> Anyways you need this two ones at least.
>
> Another thing, and this as got nothing to do with CP
> Your gateway must have a bootp_relay agent or must
> support this, if
> not
> you will not be able to relay the requests from one
> interface to
> another.
> In other words with bootp_relay agent you will route
> any dhcp requests
> to a server inside your firewall.
>
> The best way is to setup a gateway first without
> thinking about
> Firewalling, and put bootp_relay to work...then you
> think about
> firewall.
>
> This is just a guess, anyway, if you allready have
> bootp_relay and
> tested it before and worked, then i'm sorry for the
> inconveniance.
>
> hope i could be of any help anyways,
>
> CS
>
> >-----Original Message-----
> >From: Mailing list for discussion of Firewall-1
> >[mailto:[email protected]]
> On Behalf
> >Of Imran Obaidullah M
> >Sent: Wednesday, 06 August, 2003 14:51
> >To: [email protected]
> >Subject: [FW-1] DHCP issue with checkpoint
> >
> >
> >Dear frds,
> >During my lab setup i am having the prob which i am
> unable to
> >troubleshoot.
> >I have a DHCP client on Router (Cisco product) and
> DHCP server (Cisco
> >Product).I am keeping DHCP client outside the
> firwall while
> >DHCP server is
> >inside the firewall.The rule base is any nay any
> allports allow.I
> have
> >created all ports group which contains all the
> services. DHCP
> >server client
> >uses follwoing ports.
> >Time of day, bootp,tftp.
> >I have seen and confirmed twice that above ports
> are included
> >in the service
> >group. I am still not able to establish the
> communication between
> DHCP
> >client and the DHCP server across the firewall. I
> can confirm that
> when
> >modem comes online right now modems are stuck in
> the initd mode.
> >PLease let me know if u have any solution.
> >I am using ASF 5105 2.2.1.0a FP3.
> >Note I am configuring DHCP server address in the IP
> helper.
> >
> >Regards
> >vj
> >
> >=================================================
> >To set vacation, Out-Of-Office, or away messages,
> >send an email to [email protected]
> >in the BODY of the email add:
> >set fw-1-mailinglist nomail
> >=================================================
> >To unsubscribe from this mailing list,
> >please see the instructions at
> >http://www.checkpoint.com/services/mailing.html
> >=================================================
> >If you have any questions on how to change your
> >subscription options, email
> >[email protected]
> >=================================================
> >
>
>
=== message truncated ===


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.