Firewall-1

[FW-1] Checkpoint CLM and RSA SecurID Authentication (please help!!!)

Subject: [FW-1] Checkpoint CLM and RSA SecurID Authentication (please help!!!)
From: cisco4ng <cisco4ng AT YAHOO DOT COM>
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date: Tue, 28 Feb 2006 16:57:29 -0800
Can someone in this group help me with this problem?
   
  I have an NGx R60A CLM (aka standalone log server) running on SPLAT.  
I can receive logs from the SPLAT Enforcement Module just fine. I can
log into this CLM Server with SmartView Tracker with the user account
  "admin" when I run "cpconfig" and also with the account when I run the command
"fwm -a cisco4ng".  Both of those accounts work fine.
   
  Now I would like to authenticate users when they use SmartView
Tracker to log into the CLM via RSA SecurID.  I know how to do this
with Checkpoint Provider-1.  In provider-1 environment, I just have
to put the sdconf.rec into /var/ace directory, create an account and
specify SecurID as a method of authentication.  After that, I run
"mdsstop;mdsstart" and I can authenticate users with SecurID when they
log into the MDG.
   
  However, with the CLM, I can create the /var/ace directory on the CLM
box, place the sdconf.rec in the /var/ace directory, run "cprestart".
But how can I create the user to authenticate with SecurID authentication?
Remember this is a standalone CLM, therefore, there is no SmartDashboard
interface for me to create user(s). 
   
  I really do not know what to do.  It seems like every time I opened a 
TAC case with Checkpoint regarding SecurID, the checkpoint TAC
knowledge about checkpoint and SecurID integration is just as bad
as I am.
   
  Has anyone successfully done this before with standalone CLM and
RSA SecurID authentication?
   
  TIA
cisco4ng
