Thank... It work well, however the first time it ask both for a
certificate to supply, then which is normal If it trust the firewall
certificate..
Also please note that the file is $FWDIR/conf/fwauthd.conf :)
Thank
ML
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of
Dion-ben Hendriks
Sent: April 29, 2005 3:06 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] How to secure/encrypt HTTP/Telnet client
authentication
Hi Michel,
Yes its clear text, and Yes you can make it secure with https..
You should edit $CPDIR/conf/fwathd.conf and add a line like
950 fwssd in.ahclientd wait 950 ssl:defaultCert
this starts https:// clientauthb at port 950 with the defaultCert as
certificate.
Dion
> -----Oorspronkelijk bericht-----
> Van: Mailing list for discussion of Firewall-1
> [mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM]Namens Michel
> Lapointe
> Verzonden: donderdag 28 april 2005 17:23
> Aan: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
> Onderwerp: [FW-1] How to secure/encrypt HTTP/Telnet client
> authentication
>
>
> Hello,
>
> I would like to know checkpoint client authentication over
> port
> 259(telnet) or 900(http) is secured or does it transmit username and
> password in cleartext?
>
> If it does transmit in clear text, is it possible to secure it
> like implementing https on port 900 or any other port?
>
> Thank
>
> Michel Lapointe
>
> =================================================
> To set vacation, Out-Of-Office, or away messages, send an email to
> LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your subscription options,
> email fw-1-owner AT ts.checkpoint DOT com
> =================================================
>
>
>
=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
