Hi Ladies and Gentlemen.
We are running a Nokia cluster consisting of 2 devices running Checkpoint
NGX.
We wish to have Administrators who log in to the Nokias to access IPSO
either via the serial port, Voyager or telnet/ssh to be authenticated against a
Cisco ACS server.
Administrators can currently log into 1 box and get authenticated, but not
the second.
If I go into Checkpoint and remove the Topology from the cluster, or disable
the Hide behind Cluster address feature, authentication works fine, however
I do not wish to do either of these as I do not know what affect it will have
on other functions.
Is any running this configuration?
Regards
Mick.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
