Topology downloads are authenticated via the method under the users
IKE/Authentication tab. They do not use the method defined under the users
Authentication tab.
I just created a special user with no rights that exists only for the
purpose of downloading topology.
When a new user comes on line they use this account for the download and
then use their hybrid account after successful topology download.
You can also just send them the user.c file from a client that has
successfully downloaded the topology from the firewall. Drop and insert and
the client is ready to go.
It was the only solution that I could come up with other than manually
adding a password for downloads on every new stinking user.
-----Original Message-----
From: Russo, Tim [mailto:[EMAIL PROTECTED]]
Sent: Monday, November 13, 2000 12:36 PM
To: [EMAIL PROTECTED]
Subject: [FW1] RADIUS Auth error when doing a SR "Update".
I am working on getting RADIUS to work with my SecureClient SP-2 w/ IKE
Hybrid encryption. I can log in using RADIUS with no problems. When I try to
do an update on the SecureClient sight however, I get an authorization
failure. The firewall logs show a rule 0 reject; "Refused topology request:
Authentication scheme not allowed for user." But the user is the generic*
user defined for RADIUS and hybrid IKE. Any ideas?
-Tim
________________________ ______ ____ ___ __
Tim Russo
Xchange, Inc.
Sr. Security Engineer
EMail: [EMAIL PROTECTED]
Phone: 617.790.2803
FAX: 617.790.2857
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
