We use the RADIUS server from Funk
(http://www.funk.com) software running on a Novell 5.0
server that holds the master replica for our NDS tree.
This way the fw talks directly to our NDS tree, no
proxy involved.
THX,
Pete Goodridge
--- Alan Strassberg <[EMAIL PROTECTED]> wrote:
>
> On Fri, Aug 18, 2000 at 08:23:34AM -0500, Greg
> Winkler wrote:
> >
> >
> > What are the options for doing user authentication
> on FW-1?
> [.snip.]
> > Is there any way to get FW-1 to use the user list
> in NDS or authenticate
> > against the ACE/Radius? I'd like it to be
> transparent to the user. If
> > possible, not even prompting them for an ID or
> password. Am I dreaming?
>
> You can setup authentication via Ace/RADIUS to an
> NDS tree
> using IKE, see the doc at:
>
> (How to configure Hybrid Mode IKE for SecuRemote
> Authentication)
>
>
http://support.checkpoint.com/service/publisher.asp?id=55.0.4222079.2607206
>
> You might need to point the Ace/RADIUS server to
> one that is NDS
> aware, for example, using proxy RADIUS to Novell's
> BorderManager
> RADIUS server. I've done this just fine.
>
> Be sure you have 4.1 SP1 for this to work.
>
> alan
>
> alan
>
>
>
================================================================================
> To unsubscribe from this mailing list, please
> see the instructions at
>
> http://www.checkpoint.com/services/mailing.html
>
================================================================================
__________________________________________________
Do You Yahoo!?
Yahoo! Mail � Free email you can access from anywhere!
http://mail.yahoo.com/
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
