Hi there,
We are having a problem with the latest desktop SDK for Checkpoint. We are
trying to integrate a two-factor authentication device for vpn authentication
This is the problem and it was also documented by someone else awhile ago.
Can anyone give us some direction?
I followed "Check Point VPN-1/FireWall-1 Secure Authentication API
Specification". But it doesn't work. The custum GUI dll can not be load when
start up securemote. Some other guys meet the same problem, and nobody answer
till now. I believe there is some detail that haven't been metioned in the SDK
document.
From:
John Guilbe
Subject:
CheckPoint - API Question
Date:
31-Oct-03 01:21 AM
Newsgroup:
comp.security.firewalls
.
.
Message:
Hi,
I have just found documentation to CheckPoints API for Third-Partyt
Authentication. I wonder if anyone out there has set this up. I use a
piece of software called SOFTID which I wish to use as my
authentication method.
Following the instructions I added the guilibs line in userC.C.
My_DLL was the name of my C++ DLL in the appropriate directory:
(
:options (
:default_key_scheme (isakmp)
:connect_mode_erase_pwd_after_update (true)
:active_resolver (true)
:resolver_ttl (0)
:resolver_session_interval (0)
:silent_topo_update (true)
:use_entelligence (false)
:manual_slan_control (true)
:encrypt_db (false)
:gettopo_port (264)
:force_udp_encapsulation (true)
:no_clear_tables (false)
:disable_stateful_dhcp (false)
:allow_clear_in_enc_domain (false)
:use_ext_auth_msg (true)
:use_ext_logo_bitmap (true)
:pwd_erase_on_time_change (false)
:enable_kill (true)
:sdl_max_wait (-1)
:ChangeIKEport (true)
:topology_over_IKE (true)
:mac_xlate (false)
:mac_xlate_interval (90)
:connect_mode (true)
:block_conns_on_erase_passwords (false)
:disable_mode_transition (true)
:connect_domain_logon (false)
:sdl_main_timeout (60000)
:show_disabled_profiles (false)
:silent_update_on_connect (false)
:stop_connect_when_silent_update_fails (false)
:go_online_days_before_expiry (0)
:go_online_always (false)
:slan_enabled (true)
:use_cert (false)
:pwd_type (true)
:no_policy (false)
:support_tcp_ike (false)
:support_ip_assignment (true)
:FTP_NL_enforce (0)
:allow_unsigned_topo (false)
:keep_df_flag (true)
)
:guilibs (
: (c:\windows\system\mydll.dll)
)
:profiles (
:active_profile (US VPN)
: (US VPN
:attributes (
............
............
Is this format correct? It keeps telling me the userc.c is corrupt!
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
