Firewall-1

Re: [FW-1] LDAP

Subject: Re: [FW-1] LDAP
From: Yinal OZKAN <lists911 AT YAHOO DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Wed, 28 May 2003 10:42:29 -0700

You have a chance to encrypt the LDAP traffic with SSL.
On NG FP3 go to:
Account Unit --> Servers --> Edit --> Encryption tab.
By default LDAP SSL (ldaps://) uses TCP 686 (not a must).

Check your LDAP server connectivity. Configuration of
the LDAP server varies. You may check
http://www.bayour.com/LDAPv3-HOWTO.html
for OpenLDAP.

For MS Active Directory it is easier with MS CA. But
you still need MS High Enc. Pack. There is a good
document from CP for AD.

The command line will not use SSL by default; you will need
a 3rd-party SSL connector.

fyi,
- yinal ozkan

More details are available through AD conf d
--- Will Black <will AT IONGEAR DOT COM> wrote:
> Quick question: when a user is set up to use LDAP auth, when he connects
> to the firewall and the firewall attempts auth, is that sent in clear
> text to the firewall, and is it encrypted from the FW to the LDAP
> server?
>
> Thanks
> Will
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
