Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] HTTPS issue with NG FP3 user auth

To: [email protected]
Subject: Re: [FW-1] HTTPS issue with NG FP3 user auth
From: Vijay <[email protected]>
Date: Mon, 22 Sep 2003 07:55:19 -0700
In-reply-to: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

yes will be really appreciated...Thanks a lot man
Regards
vijay
--- mcabrera <[email protected]> wrote:
> I believe that the resolution is old, but i have a
> NG resolution, if you
> want it, i can send you
> Bye.
>
> loop
>
>
> -----Mensaje original-----
> De: Mailing list for discussion of Firewall-1
>
[mailto:[email protected]]En
> nombre de Vijay
> Enviado el: lunes, 22 de septiembre de 2003 3:28
> Para: [email protected]
> Asunto: Re: [FW-1] HTTPS issue with NG FP3 user auth
>
>
> Chris ,
> its really sad that u have lost the job , but pal it
> is very important that u dont lose technical touch
> and
> yes it is very correct thing u r doing by accessing
> the mailing lists..buddy i am sure something really
> good is ahead of u...Best Of luck...
> In user auth i dont require to NAT the Internal
> machines since ma firewall will start the security
> server which is proxy ..so i just need to mention
> the
> Ip addres of the checkpoint Internal NIC in the ie
> proxy settings.
>
> All the services are OK since i am able to browse
> the
> http sites without any issues.
> Ping and traceroute is working just fine...
> there are very few rules
> 1 . All_user @ user Any Any http https ftp accept.
> 2.  Any     SMTP_Server      SMTP-->resource
> aceept
> 3. SMTP_Server  Any         any      accept
> 4. Any           any                 drop
> this is all about it ...
> regards
> Vijay
>
> --- Chris Dias <[email protected]> wrote:
> > Unfortunately, I do not have access to a
> Checkpoint
> > firewall and haven't for about 2years, as a layoff
> > in Silicon Valley hit me just after 9/11.
> However,
> > I am still in the game, reading many subjects and
> > belonging to this club and a Cisco club, etc,
> moved
> > to Hungary - learning new language, making new
> > connections, doing odd work.  But, I try to help
> > when I can and this problem is interesting to me,
> so
> > I will help you if I can.  I will try to summarize
> > something for you by the weekend's end.
> >
> > Are you using Natting? What kind?  DNS and other
> > services OK? Traceroute and ping working as
> > expected?
> >
> > What does your network look like? Internal web
> > server?  Others having same problem?
> >
> > It is my understanding that the object_5_c object
> > usually isn't manually configured unless there is
> a
> > very specific reason, that this problem doesn't
> seem
> > to belong to.
> >
> > What are your other rules related to this picture?
> >
> > [email protected]> wrote:
> > hi chris,
> > No i havent tried opening all the ports..since its
> > the
> > user auth i have to change un the services as <443
> > am
> > I right ? I chnaged http parameters in
> objects_5_0.c
> > ervim user auth does wirk with FP3 but only for
> Http
> > sites :(...
> > Please let me know if u have any tested solution..
> > regards
> > Vijay
> > --- Chris Dias wrote:
> > > Do you need to allow both ports 444 and 443 to
> > pass
> > > through the fw?
> > > Do you need to allow ident port 113 - I don't
> > > believe secure applications use this port
> anymore
> > -
> > > not sure.
> > > If you open the firewall wide open, what
> happens?
> > >
> >
>
http://www.iss.net/security_center/advice/Exploits/Ports/default.htm
> > >
> > > This one probably doesn't apply.
> > >
> >
>
http://www.microsoft.com/windows2000/techinfo/planning/security/kerbsteps.as
> p
> > >
> > > Curious. What parameters did you change in
> > userc.C?
> > >
> > > Elmar van Mourik wrote:
> > > As far as I know user auth is NOT working with
> > https
> > > in FP 3.
> > > For that reason I want to upgrade to AI in the
> > near
> > > future.
> > >
> > > Elmar van Mourik
> > >
> > > -----Oorspronkelijk bericht-----
> > > Van: Vijay [mailto:[email protected]]
> > > Verzonden: donderdag 18 september 2003 15:16
> > > Aan: [email protected]
> > > Onderwerp: [FW-1] HTTPS issue with NG FP3 user
> > auth
> > >
> > >
> > > Dear Checkpoint Gurus!!
> > > I have written this issue before but did not get
> > any
> > > answers so thought I shall try again...I am
> > > Installing
> > > Checkpoint NG FP3 On windows 2k box.
> > > I am having this rule.
> > > Internal@user https, http User Auth.<----Rule
> > > Number 1
> > > initially user auth was not working for http but
> > > after
> > > changing 3 http parameters in object_5_0.c user
> > > authentication started working for HTTp sites
> > only.
> > > For https sites like hotmail or for that matter
> > > checkpoint secure knowledge i was not able to
> get
> > > any
> > > page in the browser. On the firewall I am
> getting
> > > the
> > > accept for https requests.
> > > Any one has any clue? Please please reply
> > ....badly
> > > require solution for this.
> > > Regards
> > > Vj
> > >
> > > __________________________________
> > > Do you Yahoo!?
> > > Yahoo! SiteBuilder - Free, easy-to-use web site
> > > design software
> > > http://sitebuilder.yahoo.com
> > >
> > >
> =================================================
> > > To set vacation, Out-Of-Office, or away
> messages,
> > > send an email to
> > [email protected]
> > > in the BODY of the email add:
> > > set fw-1-mailinglist nomail
> > >
> =================================================
> > > To unsubscribe from this mailing list,
> > > please see the instructions at
> > > http://www.checkpoint.com/services/mailing.html
> > >
> =================================================
> > > If you have any questions on how to change your
> > > subscription options, email
> > > [email protected]
> > >
> =================================================
> > >
> > >
> > > Door de electronische verzending van het bericht
> > > kunnen er geen rechten
> > > ontleend worden aan de informatie. Als u deze
> > e-mail
> > > onterecht heeft
> > > ontvangen, waarschuwt u dan de afzender via
> > > [email protected] en verwijder
> > > de gegevens van de computer.
> > >
> > > Zuiveringsschap Hollandse Eilanden en Waarden,
> > > Dordrecht
> > > tel: +31 (0)78 6397100
>
=== message truncated ===


__________________________________
Do you Yahoo!?
Yahoo! SiteBuilder - Free, easy-to-use web site design software
http://sitebuilder.yahoo.com

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

References:
- Re: [FW-1] HTTPS issue with NG FP3 user auth
  - From: mcabrera <[email protected]>

Prev by Date: Re: [FW-1] HTTPS issue with NG FP3 user auth
Next by Date: Re: [FW-1] HTTPS issue with NG FP3 user auth
Previous by thread: Re: [FW-1] HTTPS issue with NG FP3 user auth
Next by thread: Re: [FW-1] HTTPS issue with NG FP3 user auth
Index(es):
- Date
- Thread