On 5/16/07, Sergio Alvarez <[EMAIL PROTECTED]> wrote:
Hello, I have a customer that currently has a MS ISA Server that receives inbound SSL connections destined to an internal server, the ISA server receives and decrypts the SSL tunnel, checks the data and then creates a new SSL connection to the final destination server behind it. Is it possible to do such thing with a Check Point firewall?
You might be able to do this with the build in security servers. Search for #sk21870 .... 443 fwssd in.ahttpd wait 443 ec:certificateName Note that the "ec" stands for Encrypt Client which means that the encryption will take place only between the client and the firewall. The firewall will then use a clear connection to communicate with the internal web server. To learn how to configure "eb" (Encrypt Both), in which both client -> firewall and firewall -> web server connections will be encrypted click here<https://secureknowledge.checkpoint.com/SecureKnowledge/viewSolutionDocument.do?lid=sk13374> ..... But depending on the client's needs it might be wiser to invest in a dedicated reverse proxy. Br. Robby ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
