Thanks to the replies I have had - which all seem to imply that what I want to do is not supported by Checkpoint.
Is that really the case? To be clearer, I'm trying to set up a MS Outlook Web Access front end in the DMZ, talking to the MS exchange server internally. If I leave the OWA with a rule allowing HTTPS access from anywhere it all works. All I'm trying to do is add some user authentication to the front end, not just rely on the MS Outlook password. Can anybody suggest what I should be trying? Many thanks Alan > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED] On Behalf > Of Alan Baker > Sent: 08 August 2006 09:21 > To: [email protected] > Subject: [FW-1] Help with HTTPS User Authentication > > I'm trying to set up an application in my DMZ. This needs > HTTPS access, and I want to authenticate using "User Authentication". > > But I can't get any rule or combination to work. If I use HTTP, the > FW-1 Username/Password pop-up appears and then I get through > to the host, but nothing happens when HTTPS is used. Nothing > shows in the logs as an HTTPS hit at all. > > I have created a user, and placed them in a authenticated > user group. I have created the hosts object. The rule is > something like: > > [EMAIL PROTECTED] host "Any Traffic" http/https "User Auth" "log" etc > > As I say, HTTP works, but HTTPS doesn't. If I replace the "User Auth" > action with "Accept" I get through to the object with both > protocols. > > I'm using Check Point VPN-1(TM) NG with Application > Intelligence (R55) HFA_04. > > Any idea as to where I am going wrong? > > Alan > _______________________________________________________________________ The information in this email is confidential. It is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, or distribution is prohibited and may be unlawful. If you have received this email in error please delete it immediately and contact [EMAIL PROTECTED] _________________________________________________________________ This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
