Let me give you an example:
I have 2 users, rajeev and cisco4ng. rajeev is Provider-1 super user while
cisco4ng is customer super user. Provider-1 ip address is 192.168.1.1. The
CMA's ip addresses are
192.168.1.2, 192.168.1.3, 192.168.1.4 and up to 192.168.1.100
According to checkpoint, both rajeev and cisco4ng can use Provider-1 MDG to
connect
to 192.168.1.1. Furthermore, rajeev and cisco4ng can use the smart dashboard
to correct
to 192.168.1.2 through 192.168.1.100 independently as they wish.
This is what I would like to see being done. I don't want rajeev and cisco4ng
to connect directly to the CMA using the smart dashboard. I want both of these
users to connect to
provider-1 first using Provider-1 MDG. After that, users can "right-click" on
the CMA and
open it with smart dashboard. That is the only way they can access the CMA. I
don't want
them to connect directly to the CMA without using MDG to connect to Provider-1
first.
Does that make sense?
Rajeev Gupta <rgup14 AT GMAIL DOT COM> wrote:
I am not sure if I have understood your question correctly but let me
add that CMA SDB can be accessed/not accessed independent of MDG. But
if a user is a P-1 Super User or Customer Super User, he should be
able to access the CMA SDB - so ensure that the user or the GUI client
is not configured to access the CMA or MDG to prohibit user from
logging into the CMA SDB.
The above may not answer your actual question that you have in mind.
If you can kindly clarify more, we can discuss more.
Rajeev
On Wed, 30 Mar 2005 10:33:16 -0800, cisco4ng wrote:
> Gurus,
>
> Is it possible to probhibit users from logging directly into the CMA via
> smartdashboard without
> first logging into Provider-1 via the MDG? I suspect the answer is no because
> Provider-1 is listening on tcp port 18190 for both the leading interface and
> the virtual CMA's IP.
>
> I would think that it can be done since checkpoint can check for the
> workstation's IP that launches SmartDashboard also already has a tcp
> connection with Provider-1 "leading" IP
> via the MDG. That shouldn't be too hard right?
>
> Any comments?
>
> cisco4ng
>
> ---------------------------------
> Do you Yahoo!?
> Make Yahoo! your home page
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner AT ts.checkpoint DOT com
> =================================================
>
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
---------------------------------
Do you Yahoo!?
Yahoo! Small Business - Try our new resources site!
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
