Hi all,
Curious to know if anyone has implemented a rule that would send an alert if a VPN
authenticated user was attempting to access a resource he wasn't allowed to go to.
For example: I use LDAP authentication with my NetWare servers. My client-encrypt
rule only allows people to gain access to internal resources if they are a member of a
certain group. Unfortunately, it still allows you to authenticate - you just can't
get to anything.
I want to know if there is a way to be alerted if someone, not part of that group,
authenticates and attempts to access a resource. Right now, they only appear in the
cleanup rule as drops. Can I use a negate rule (if not member of LDAP users,
accessing any resource, alert - or would that affect all of my other non-VPN rules?).
Any help is appreciated.
Rodney Lacroix