Giacomo Fazio wrote:
> Hello,
> I want to enable telnet manual client auth to enable ssh to some
> internal host in my domain from outside.
> I installed a new rule with these items:
>
> Source: my ssh user group
> Dest: the list of servers sshd
> VPN : any traffic
> Service: TCP ssh
> Action: Client Auth
>
> Is it correct?
>
> Thanks
> Giacomo
>

Hi,

since it's a ClientAuth, users have to connect to the Firewall directly
(default telnet to 259/tcp or http to 900/tcp) to authenticate and to
sign off, respectively. Be sure that these connections are allowed also,
not blocked by the Stealth Rule.

Best regards,

Matthias

--
AERAsec Network Services and Security GmbH
HRB: 133265 München
Wagenberger Strasse 1
UStID: DE-209125001
D-85662 Hohenbrunn, Germany
Tel. +49 8102 895 190
Fax. +49 8102 895 199
Registered office: D-85662 Hohenbrunn, Managing Director: Dr. Matthias Leu
http://www.aerasec.de
http://www.fw-1.eu
PGP Public Key: http://www.aerasec.de/wir/publickeys/MatthiasLeu.asc
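
The rule-order point in the reply above, as an added example that is not part of the original thread: a simplified first-match rulebase model (not Check Point's policy format) that reports whether the sign-on ports on the gateway are reachable before the Stealth Rule drops them. The object names `fw-gateway`, `ssh_users` and `ssh_servers` and all rule names are hypothetical.

```python
from dataclasses import dataclass

GATEWAY = "fw-gateway"           # hypothetical object name for the firewall itself
CLIENT_AUTH_PORTS = {259, 900}   # defaults named in the reply: telnet 259/tcp, http 900/tcp


@dataclass
class Rule:
    name: str
    src: str       # "any" or a group name
    dst: str       # "any" or a host/group name
    ports: set     # empty set means any service
    action: str    # "accept", "drop" or "client_auth"


def first_match(rules, src, dst, port):
    """Return the first rule matching the connection, evaluated top-down, or None."""
    for rule in rules:
        if (rule.src in ("any", src) and rule.dst in ("any", dst)
                and (not rule.ports or port in rule.ports)):
            return rule
    return None


def blocked_client_auth_ports(rules, user_group):
    """Ports on which user_group cannot reach the gateway to sign on or off."""
    blocked = []
    for port in sorted(CLIENT_AUTH_PORTS):
        rule = first_match(rules, user_group, GATEWAY, port)
        if rule is None or rule.action != "accept":
            blocked.append(port)
    return blocked


# Constructed sample rules mirroring the rule described in the question.
SSH_RULE = Rule("ssh-client-auth", "ssh_users", "ssh_servers", {22}, "client_auth")
STEALTH = Rule("stealth", "any", GATEWAY, set(), "drop")
ALLOW_SIGNON = Rule("client-auth-signon", "ssh_users", GATEWAY, CLIENT_AUTH_PORTS, "accept")
CLEANUP = Rule("cleanup", "any", "any", set(), "drop")

# Sign-on rule below the Stealth Rule: users can never authenticate.
BROKEN = [STEALTH, SSH_RULE, ALLOW_SIGNON, CLEANUP]
# Sign-on rule above the Stealth Rule: authentication reaches the gateway.
FIXED = [ALLOW_SIGNON, STEALTH, SSH_RULE, CLEANUP]

if __name__ == "__main__":
    print("broken:", blocked_client_auth_ports(BROKEN, "ssh_users"))
    print("fixed: ", blocked_client_auth_ports(FIXED, "ssh_users"))
```
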
