Hi,
Can anyone give me some answers or examples for these questions?
_\\|//_
(-0-0-)
/-------------------------------ooO-(_)-Ooo------------------------------\
| Magnus Sandberg Email: [EMAIL PROTECTED] |
| Network Engineer, BlueLabs AB http://www.bluelabs.se/ |
| Phone: +46-8-470 2155 FAX: +46-8-470 2199 |
\------------------------------------------------------------------------/
|| ||
ooO Ooo
----- On the 8th om May 2002 Magnus Sandberg wrote; -----
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
From: Magnus Sandberg <[EMAIL PROTECTED]>
Subject: SecureClient and strict rules
Date: Wed, 08 May 2002 10:30:44 +0200
Hi,
We just started to use SecureClient and has two rules like this;
(The second line to make it possible for SecureClient users to use ping
and traceroute)
Source Destination Service Action
===================== =================== ========== =============
SecureClientUsers@Any SecureClient-encdom Any ClientEncrypt
dest-unreach
SecureClient-encdom Any echo-reply accept
time-exceeded
My question is: Is there a simple way to have more specific restrictions of
what SecureClient users can do? Like only http to these servers, ssh to
these servers, etc, etc.
I guess we have to have multiple rules. Does the users then have to
re-authenticate when using a service allowed by another rule or does the
firewall understand that it is the same SecureClient user and accept
traffic to all rules with ClientEncrypt?
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
