Hi, Michael:
Yes...this configuration is correct, but seems to be that in NG FP4 (AI) the
following error does appear in SmartViewTracker:
Error: "message_info: connect command found in http request"
In a (sk20988) checkpoint tell you that this problem are in a kernel
configuration, you will have to change a value inside the OS, the value is:
"asm_http_allow_connect = 1"
Later reboot and reinstall the policies.
The (HTTPS) rule configuration is simple now....
Thanks Michael....but this resolution solve my problem
/matt
-----Mensaje original-----
De: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM]En nombre de
michael.decamps AT VALLOUREC DOT FR
Enviado el: miércoles, 31 de diciembre de 2003 5:09
Para: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Asunto: [FW-1] Réf. : [FW-1] USER AUTH WITH AI...URGENT...!!!
Importancia: Alta
Yes, we did (but not in StandAlone mode).
One important thing : don't forget to fill in : Global Properties --->
Firewall-1 --> Security Server : HTTP Next Proxy (if you use a proxy).
And (sk12960) if you use a proxy server verify this values in
Objects_5-0.c :
Under the ":props" section :
http_connection_method_tunneling (true)
http_connection_method_proxy (true)
http_connection_method_transparent (true)
Best regards,
Michael.
Mateo Cabrera - Easynet SRL
<mcabrera AT EASYNET.COM DOT UY> Pour :
FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Envoyé par : Mailing list for cc :
discussion of Firewall-1 Objet :
[FW-1] USER AUTH WITH AI...URGENT...!!!
<FW-1-MAILINGLIST AT AMADEUS.US DOT CHECK
POINT.COM>
30/12/2003 22:12
Veuillez répondre à Mailing list
for discussion of Firewall-1
Somebody did configure HTTPS with UserAuthentication in NG FP4 (Application
Inteligence)...???
Is a StanAlone environment (SmartCenterServer+Enforcement Module) on a
NOKIA
IP330 with IPSO 3.7
Thanks a lot...!!!
/matt
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
