I suspect that the issis is that the Ace protocol uses your IP address
as part of an encryption key, and this fails over NAT. In theory,
there is a new ACE client/server protocol, but its not used by default
because of back compatability mode.
The protocol is documented in a paper I wrote a ways back,
www.homeport.org/~adam/dimacs.html
Adam
On Tue, Sep 28, 1999 at 04:54:33PM +0200, Sveinung Rage wrote:
| I have a question regarding NAT and ACE client/server communication.
|
| I'm trying to set up a ACE WebID agent on my internal web-server, which is
| made awailable for external users using NAT static address mapping. I have
| an ACE server located on another interface on my Checkpoint FW-1. The ACE
| server has a valid IP-address.
| When trying to authenticate with my SecurID card, i keep getting the message
| "PASSCODE incorrect".
| And this only happen when I try to authenticate from a NAT-ed
| server/workstation.
|
| Anyone who know the reason/workaround?
--
"It is seldom that liberty of any kind is lost all at once."
-Hume
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
