We are trying to implement an authentication scheme using RSA's
ACE/Server (SecurID tokens). We want to authenticate users (user
authentication only for now) coming through our firewall (a Nokia IP-330
running FW-1 4.0).
After battling with the system for about a week (with intermittent
success) I thought I'd turn to the collective expertise of this list. Right
now the configuration is in a lab environment, so any suggestions are
welcome. We've gone through the RSA/Checkpoint/Nokia implementation and
installation guides already, so I need some better information.
SOME QUESTIONS THAT YOU MIGHT ANSWER FOR ME:
1. Has anyone done an implemetation like this successfully?
2. Is there any good 3rd party (not RSA or Check Point) information
out there (install guides, etc.)? Where?
3. What is the message "Failed to install security policy:
Operation would block" trying to tell me when I attempt to install
a new security policy on the firewall module?
4. Any other helpful information from your experience?
For your reference our architecture looks like this: (pseudo-IP
addresses in parentheses)
GATEWAY
(subnet A.193/27)
|
|
|
(subnet A.222/27 -external interface-)
Firewall-1 4.0 (on Nokia IP-330)
(subnet B.225/28)
| |
| |
| |
(subnet B.226/28) (subnet B.227.28)
FW-1 Management Console ACE/Server
also running an FTP server also running an FTP server
(the FTP servers are running to test authentication)
Thanks in advance for your help.
Mike Boyd
-
[To unsubscribe, send mail to [EMAIL PROTECTED] with
"unsubscribe firewalls" in the body of the message.]
