Hi Erick et al ...
Configure as folllows: NOTE: Create NAT rule to NOT nat cluster gateways > SecurID server 1) Create Agent Host for each gateway (SecurID administration) Agent Type = Unix Agent i.e. Unix/Linux etc ... Agent Type = Communication Server i.e. Cisco/Nokia etc ... 2) Modify user auth = SecurID 3) Add each gateway to SecurID server /etc/hosts 4) Ensure SecurID ports open between gateways & SecurID server 5) Create /var/ace (root)(rw) on each gateway, generate sdconf.rec, copy to /var/ace/ 6) Create /var/ace/sdopts.rec, enter CLIENT_IP="your gateway source IP" (routable to SecurID server) 7) Restart each gateway (cpstop && cpstart) 8) Tail SecurID logs whilst logging into gateways (SecurID) for any errors etc Cheers Andrew -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- This is a PRIVATE message. If you are not the intended recipient, please delete without copying and kindly advise us by e-mail of the mistake in delivery. NOTE: Regardless of content, this e-mail shall not operate to bind CSC to any order or other contract unless pursuant to explicit written agreement or government initiative expressly permitting the use of e-mail for such purpose. -------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
