On Fri, Aug 18, 2000 at 08:23:34AM -0500, Greg Winkler wrote:
>
>
> What are the options for doing user authentication on FW-1?
[.snip.]
> Is there any way to get FW-1 to use the user list in NDS or authenticate
> against the ACE/Radius? I'd like it to be transparent to the user. If
> possible, not even prompting them for an ID or password. Am I dreaming?
You can setup authentication via Ace/RADIUS to an NDS tree
using IKE, see the doc at:
(How to configure Hybrid Mode IKE for SecuRemote Authentication)
http://support.checkpoint.com/service/publisher.asp?id=55.0.4222079.2607206
You might need to point the Ace/RADIUS server to one that is NDS
aware, for example, using proxy RADIUS to Novell's BorderManager
RADIUS server. I've done this just fine.
Be sure you have 4.1 SP1 for this to work.
alan
alan
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
