Still not having much luck with creating this access. Here's the rule I'm trying to configure. Is there some trick to setting up the actual user account? [test user exists within "user group"] I'm expecting to see a login prompt from the firewall to allow further access to the terminal server, but no joy. The logs show the traffic being stopped by the last rule, aka the clean up rule. Do I need another port open to allow the prompt, or possibly another rule to augment the terminal server rule?
Here's the rule User Group W32 Terminal Server Tcp Port 3389 Client Auth Thanks! ----- Original Message ----- From: "Peter Goodridge" <[EMAIL PROTECTED]> To: <[EMAIL PROTECTED]> Sent: Friday, December 19, 2003 11:59 AM Subject: Re: [FW-1] User authentication mechanism[s] > Hi SG, > > I use client auth for this kind of stuff. It works > fine. It's not encrypted however unless you take some > extra steps. The other downside being that if your > user authenticates from a multiuser system, or from > behind a NAT device other folks will also have access. > > HTH, > Pete > --- Security Guy <[EMAIL PROTECTED]> > wrote: > > We have a device that resides within our DMZ, a > > select group of DHCP users will need access. I > > don't really want to give the users static IP > > addresses, can some kind of alternate authentication > > be used? I've tried User Authentication, only to > > find out it only supports telnet rlogin http,https > > and ftp. I would like to keep the users on DHCP > > IPs, they will be accessing the DMZ resource via a > > RDP connection [tcp port 3389] Will client > > authentication work? > > > > thoughts | ideas | suggestions > > > > Thanks! > > > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > __________________________________ > Do you Yahoo!? > New Yahoo! Photos - easier uploading and sharing. > http://photos.yahoo.com/ > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
