List,
I have configured the following rule on FW1 version 4.0:
src= testgrp@any
dst= any
service= ftp
action= user auth
The testgrp@any object is a 'users access' object that references an
internal LDAP server. All of the LDAP servers settings in the server object
on the FW-1 have been verified. (login DN, branches, password, etc)
The problem is that the FW seems to ignore the rule completely. When an FTP
session is initiated, the FW prompts for the userid as normal. However, the
session fails immediately if the FW userid is not configured in the local FW
database. (i.e. using the userid@fw-userid@remote-ftp-site) The FW reports
"331-aftpd: user xxxx not found)
According to the FW log, it fails due to rule 0 with the reason being
'unknown user'. It does not appear that the FW is attempting to check the
LDAP user database at all and simply fails when it can't find the user in
the local database.
Any help appreciated.
Regards,
Kent
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
