Thanks!, i´ll take note...
Atte.
Erick Fortin
SEFISA El Salvador
Tel. (503) 2289-0097
(503) 78513257
Fax. (503 22788992
www.sefisa.com
-----Mensaje original-----
De: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] En nombre de Matthew
Odendaal
Enviado el: Jueves, 03 de Mayo de 2007 12:52 a.m.
Para: [email protected]
Asunto: Re: [FW-1] RSA Autentication Manager + NGX Cluster
Hi there
Check Point has a built-in RSA SecurID authentication agent. All it needs is
the sdconf.rec file to point it to the right server. You just have to put it
into the right directory.
You need to create the /var/ace directory yourself (also make sure the
directory is writable, as the firewall needs to write the node secret files
there the first time it establishes communication with the RSA server). Make
sure that you create 2 separate sdconf.rec files (one for each module) and
also make sure that the traffic between the cluster and the SecurID server
does not get hidden behind the cluster IP address (that will cause the
authentication to fail unless configured differently).
Once you place the sdconf.rec files into the /var/ace directories, Check
Point will automatically use the RSA server for authentication. Please note
that this only works for FireWall-1 authentication (SecuRemote/Client, SNX,
Client/Session/User Auth). For authentication to the OS itself, you will
have to integrate it slightly differently.
Matthew Odendaal
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Erick
Fortin
Sent: 03 May 2007 06:59 AM
To: [email protected]
Subject: [FW-1] RSA Autentication Manager + NGX Cluster
Hi,
I´m traying to install a RSA SecureID tokens on a checkpoint cluster
environment, I was reading the documentation and I found that you have to
make some configurations on the modules, it says that you have to place the
file sdconf.rec on the /var/ace directory on splat, but I cant find if you
have to create that folder or you need to install some software or agent in
the splat modules. Does anybody know how to configure the modules.
Your help will be appreciated
Atte.
Erick Fortin
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
