The firewall object in you gui, is it the outside IP address or the inside IP address? ----- Original Message ----- From: "Zdenek Kotesovec" <[EMAIL PROTECTED]> To: <[email protected]> Sent: Wednesday, February 16, 2005 11:14 AM Subject: [FW-1] Logging on to Policy Server
> Hello! We have problem with logging on to Policy server - external LDAP users can't log on to Policy Server. We are using FW-1 NG R55 (HFA12). Internal firewall users are logging on to Policy Server successfully. > > Additional information - Policy Server: > * members of internal user group "SRUsers" are allowed to download policy from Policy Server > * external LDAP users are members of external "LDAP_Group" > * external "LDAP_Group" is member of internal user group "SRUsers" > > Smart View Tracker Information: > Date: 16Feb2005 > Time: 14:33:24 > Product: Policy Server > Type: Log > Action: Login > Destination: fw (xxx.xxx.xxx.xxx) > User: test > Information: PS: User test failed to log on to Policy Server. Failed to fetch user. > > Policy server debugging information: > ... > [dtps 23724 [EMAIL PROTECTED] Feb 14:33:24] Phase1_Negotiation_fn: set fn > 0001706c > [dtps 23724 [EMAIL PROTECTED] Feb 14:33:24] 14:33:24 get_user_groups_file: > Fetching user. > > [dtps 23724 [EMAIL PROTECTED] Feb 14:33:24] get_user_groups: entering > [dtps 23724 [EMAIL PROTECTED] Feb 14:33:24] 14:33:24 > get_groups_from_user_object: Fetching user done. > > [dtps 23724 [EMAIL PROTECTED] Feb 14:33:24] get_groups_from_user_object: > failed to allocate user_group object. > .... > > Could anybody of you help me? Where may be the problem? > > Thanks & Regards, > Zdenek Kotesovec > > > > ______________________________________________________________________ > This email has been scanned by the MessageLabs Email Security System. > For more information please visit http://www.messagelabs.com/email > ______________________________________________________________________ > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
