I configured clientless vpn (SSL) on an NG AI gateway as per solution #sk21870, to allow inbound https traffic to a couple of Lotus Domino based http servers, with user authentication. The certificate download goes ok, user authentication take place, and the site is accessable from outside with no problem. The problem comes in when I try to hit a page on the server that requires a Domino login; the Domino web login window never comes up as it normally should; instead, the firewall is prompting me to authenticate again -- three times (with different "realms" each time) -- and eventually the browser gets a 401 error with the following:
--------------------------
Error 401
FW-1 at {gateway}: Unauthorized to access the document.
Authorization is needed for FW-1.
The authentication required by FW-1 for {domain}.com is password.
Reason for failure of last attempt: Access denied - wrong user name or
password
--------------------------The log shows my successful authentication on the initial https request, then the subsequent two https requests being dropped by the cleanup rule, with the info column reading,
"resource: http://{Domino server's ip addr}:80/homepage.nsf; reason: Unknown user"
If I hit a page that doesn't require a web server login there's no problem. Any ideas???
_________________________________________________________________ Find a broadband plan that fits. Great local deals on high-speed Internet access. https://broadband.msn.com/?pgmarket=en-us/go/onm00200360ave/direct/01/
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
