Hi All, I have a problem with NGwAI R54 and Client Authentication. Well, I start with a simple default CP configuration with two FW-1 in cluster on two IP330 NOKIA and check the Client Authentication.
1: If I write a URL in my browser to connect to a remote site, Firewall-1 redirect the browser to his IP address and to port 80, and every thinks stops. 2: If I configure the IP address of the Cluster like "http proxy" in my browser, the authentication starts but the firewall return an error because the option http_proxy_mode is not set (and this event is ok, because I don't want a proxy configuration), but if at this moment if I remove the proxy configuration in my browser and try to connect to the remote site, every thinks works fine. I studied some documentation about firewall-1 and I explain what I think about: probably the redirection to the security server of the firewall is right for client authentication, but in this way the original URL is losen and the firewall is not be able to find the remote site, so Client Authentication doesn't start. With the proxy configuration on the browser I send to the firewall the remote site URL , so authentication starts, but the firewall doesn't work like a proxy, so return an error but open the proper rule to trust the client and leave the connection free when I remove the proxy set in the browser and connect succesfully to the remote site. I am becoming crazy with my problem... can anybody help me? Thankyou thankyou... very very much! Fabio Teti ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
