Yep I've try it, however it's not working for all services :(
Thank for you suggestion
ML
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of
Konstantin M.
Sent: April 29, 2005 12:28 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: Re: [FW-1] How to secure/encrypt HTTP/Telnet client
authentication
In addition to the previous reply,
You can implement Clientless VPN - w/ SSL (https) for securing regular
http traffic to some server(s), it's also possible to configure it with
Client Auth.
Define Clientless VPN rule:
SOURCE: clientless_vpn_users@Any
DESTINATION: web_server_private (192.168.2.100), web_server_public
(204.32.38.105)
VPN: Any Traffic
SERVICE: https
ACTION: User Auth
For the User Auth in the ACTION column, verify HTTP is set to "All
Servers" in the User Authentication Action Properties (right click on
User Auth icon and select Edit Properties) Client Auth can also be
configured.
On 4/28/05, Michel Lapointe <Michel.Lapointe AT luninfo DOT com> wrote:
> Hello,
>
> I would like to know checkpoint client authentication over
> port
> 259(telnet) or 900(http) is secured or does it transmit username and
> password in cleartext?
>
> If it does transmit in clear text, is it possible to secure it
> like implementing https on port 900 or any other port?
>
> Thank
>
> Michel Lapointe
>
> =================================================
> To set vacation, Out-Of-Office, or away messages, send an email to
> LISTSERV AT amadeus.us.checkpoint DOT com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your subscription options,
> email fw-1-owner AT ts.checkpoint DOT com
> =================================================
>
=================================================
To set vacation, Out-Of-Office, or away messages, send an email to
LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options,
email fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
