Hi, it's normal that the connection (telnet...259 or http...900) to the FW is finished after a standard sign-on. When the user wants to close the connections, he has to connect again and to make a sign-off. On the other hand, if you choose "Enalble Wait mode" mode in the rulebase (policy - properties - authentication - Client Authentication) the telnet-connection will hold. If this telnet session is closed then, the sign-off is done automatically. Hope it helps, best regards Matthias "Pires, Michael" wrote: > Question for all, > > I recently setup a Client Authentication rule for certain users going > through our network for telneting to certain ports. ex: > > securID@src_net ===> host ==> tcp-2000 ===> ClientAuth. > > The users telnet to the fw port 259 enter their username +token and get > authenitcation ok. THey select standard sign on and then the conection is > closed by the firewall. But everything work (per the rule I created) is this > normal for the firewall to close the connection after selecting standard > sign-on? Because now how does the firewall know when this person is finished > in establishing any more connection to the host before it asked for > authentication again? I thought that that firewall sign on window should > stay active so when the user is finished doing there work they can select > sign-off and close its session? > > Thanks > > _______________________________________ > Michael Pires > Security Analyst > "That vulnerability is completely theoretical." > -- Microsoft > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================ > > ================================================================================ > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================================================
begin:vcard n:Leu;Dr. Matthias tel;cell:+49 172 8943533 tel;fax:+49 89 697 59 396 tel;work:+49 89 697 59 390 x-mozilla-html:FALSE url:http://www.aerasec.de org:AERAsec Network Services and Security GmbH (iG) adr:;;Wagenberger Str. 1;Hohenbrunn b. Muenchen;;D-85662;Germany version:2.1 email;internet:[EMAIL PROTECTED] fn:Dr. Matthias Leu end:vcard
