The easiest way to setup authentication against AD is to use IAS (internet Authentication Services (Radius)) that is included in Windows Server 2000/2003. SecurID is indeed a better solution, but also a different different solution. Making the firewall a member server sounds like a bad idea to me. Another solution would be to use LDAP for authentication, but that involves more complicated steps like expanding the AD schema and you also need a checkpoint license for LDAP.
Lars -----Original Message----- From: Mark E. Smith [mailto:[EMAIL PROTECTED] Sent: 23. mars 2004 20:24 To: [EMAIL PROTECTED] Subject: Re: [FW-1] Checkpoint NG and Active Directory I did it for a while but moved to SecurID. The way I had to do it was to make the VPN Gateway a member of the AD domain (meaning it was a Windows machine) then us OS Password. > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED] On Behalf > Of John Gesualdi > Sent: Tuesday, March 23, 2004 1:29 PM > To: [EMAIL PROTECTED] > Subject: [FW-1] Checkpoint NG and Active Directory > > Anyone Authenticating secure remote users against an Active > Directory Database and is it difficult to set up. I have > Checkpoint NG FP2, do I need any special licensing? > > -- > > > John A. Gesualdi, CCNP, CCDP, MCSE 2000 > [EMAIL PROTECTED] > The Providence Journal Company > Phone (401)277-8133 > Pager (401)785-6938 > > ================================================= > To set vacation, Out-Of-Office, or away messages, send an > email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your subscription > options, email [EMAIL PROTECTED] > ================================================= > > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
