[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] HTTPS issue with NG FP3 user auth
yes will be really appreciated...Thanks a lot man Regards vijay --- mcabrera <[email protected]> wrote: > I believe that the resolution is old, but i have a > NG resolution, if you > want it, i can send you > Bye. > > loop > > > -----Mensaje original----- > De: Mailing list for discussion of Firewall-1 > [mailto:[email protected]]En > nombre de Vijay > Enviado el: lunes, 22 de septiembre de 2003 3:28 > Para: [email protected] > Asunto: Re: [FW-1] HTTPS issue with NG FP3 user auth > > > Chris , > its really sad that u have lost the job , but pal it > is very important that u dont lose technical touch > and > yes it is very correct thing u r doing by accessing > the mailing lists..buddy i am sure something really > good is ahead of u...Best Of luck... > In user auth i dont require to NAT the Internal > machines since ma firewall will start the security > server which is proxy ..so i just need to mention > the > Ip addres of the checkpoint Internal NIC in the ie > proxy settings. > > All the services are OK since i am able to browse > the > http sites without any issues. > Ping and traceroute is working just fine... > there are very few rules > 1 . All_user @ user Any Any http https ftp accept. > 2. Any SMTP_Server SMTP-->resource > aceept > 3. SMTP_Server Any any accept > 4. Any any drop > this is all about it ... > regards > Vijay > > --- Chris Dias <[email protected]> wrote: > > Unfortunately, I do not have access to a > Checkpoint > > firewall and haven't for about 2years, as a layoff > > in Silicon Valley hit me just after 9/11. > However, > > I am still in the game, reading many subjects and > > belonging to this club and a Cisco club, etc, > moved > > to Hungary - learning new language, making new > > connections, doing odd work. But, I try to help > > when I can and this problem is interesting to me, > so > > I will help you if I can. I will try to summarize > > something for you by the weekend's end. > > > > Are you using Natting? What kind? DNS and other > > services OK? Traceroute and ping working as > > expected? > > > > What does your network look like? Internal web > > server? Others having same problem? > > > > It is my understanding that the object_5_c object > > usually isn't manually configured unless there is > a > > very specific reason, that this problem doesn't > seem > > to belong to. > > > > What are your other rules related to this picture? > > > > [email protected]> wrote: > > hi chris, > > No i havent tried opening all the ports..since its > > the > > user auth i have to change un the services as <443 > > am > > I right ? I chnaged http parameters in > objects_5_0.c > > ervim user auth does wirk with FP3 but only for > Http > > sites :(... > > Please let me know if u have any tested solution.. > > regards > > Vijay > > --- Chris Dias wrote: > > > Do you need to allow both ports 444 and 443 to > > pass > > > through the fw? > > > Do you need to allow ident port 113 - I don't > > > believe secure applications use this port > anymore > > - > > > not sure. > > > If you open the firewall wide open, what > happens? > > > > > > http://www.iss.net/security_center/advice/Exploits/Ports/default.htm > > > > > > This one probably doesn't apply. > > > > > > http://www.microsoft.com/windows2000/techinfo/planning/security/kerbsteps.as > p > > > > > > Curious. What parameters did you change in > > userc.C? > > > > > > Elmar van Mourik wrote: > > > As far as I know user auth is NOT working with > > https > > > in FP 3. > > > For that reason I want to upgrade to AI in the > > near > > > future. > > > > > > Elmar van Mourik > > > > > > -----Oorspronkelijk bericht----- > > > Van: Vijay [mailto:[email protected]] > > > Verzonden: donderdag 18 september 2003 15:16 > > > Aan: [email protected] > > > Onderwerp: [FW-1] HTTPS issue with NG FP3 user > > auth > > > > > > > > > Dear Checkpoint Gurus!! > > > I have written this issue before but did not get > > any > > > answers so thought I shall try again...I am > > > Installing > > > Checkpoint NG FP3 On windows 2k box. > > > I am having this rule. > > > Internal@user https, http User Auth.<----Rule > > > Number 1 > > > initially user auth was not working for http but > > > after > > > changing 3 http parameters in object_5_0.c user > > > authentication started working for HTTp sites > > only. > > > For https sites like hotmail or for that matter > > > checkpoint secure knowledge i was not able to > get > > > any > > > page in the browser. On the firewall I am > getting > > > the > > > accept for https requests. > > > Any one has any clue? Please please reply > > ....badly > > > require solution for this. > > > Regards > > > Vj > > > > > > __________________________________ > > > Do you Yahoo!? > > > Yahoo! SiteBuilder - Free, easy-to-use web site > > > design software > > > http://sitebuilder.yahoo.com > > > > > > > ================================================= > > > To set vacation, Out-Of-Office, or away > messages, > > > send an email to > > [email protected] > > > in the BODY of the email add: > > > set fw-1-mailinglist nomail > > > > ================================================= > > > To unsubscribe from this mailing list, > > > please see the instructions at > > > http://www.checkpoint.com/services/mailing.html > > > > ================================================= > > > If you have any questions on how to change your > > > subscription options, email > > > [email protected] > > > > ================================================= > > > > > > > > > Door de electronische verzending van het bericht > > > kunnen er geen rechten > > > ontleend worden aan de informatie. Als u deze > > e-mail > > > onterecht heeft > > > ontvangen, waarschuwt u dan de afzender via > > > [email protected] en verwijder > > > de gegevens van de computer. > > > > > > Zuiveringsschap Hollandse Eilanden en Waarden, > > > Dordrecht > > > tel: +31 (0)78 6397100 > === message truncated === __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|