I would make sure that the authentication rules are above the stealth rule. That way it hits the authentication rule before being dropped by the stealth rule.
-----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Sascha Picchiantano Sent: 18 April 2005 12:59 To: [email protected] Subject: [FW-1] Does a stealth rule disable Client Authentication? Hi, we are running NG and use SecurID to authenticate users. This works good. However, I implemented a stealth rule (deny traffic to firewall) and since then Users can't authenticate anymore. I was under the impression that authentication stuff is handled by implied rules but it looks as if not. Any idea? What do I have to open up so users can authenticate? Oh btw: When users access the Internet with a browser their browser title bar shows [ip_address_of_firewall]\fwauthredirect_[long_number_probably_cookie] and hangs there. This might be related...? Any suggestions please? :) Cheers Sascha ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ##################################################################################### This e-mail message has been scanned for Viruses and Content and cleared by 3DMail ##################################################################################### ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
