RE: [FW1] Secure Domain Logon w/ SP2 win98 LMHOSTS entry

Bob Bisignani Tue, 12 Sep 2000 12:32:45 -0700

Gregor,
       Yes, we are using IP Pool NAT for SecuRemote Connections.

Bob


>From: "Gregor Munro" <[EMAIL PROTECTED]>
>To: "Bob Bisignani" <[EMAIL PROTECTED]>
>Subject: RE: [FW1] Secure Domain Logon w/ SP2 win98 LMHOSTS entry
>Date: Wed, 13 Sep 2000 07:08:50 +1200
>
>Are you using IP Pooling?
>Greg
>
>-----Original Message-----
>From: Bob Bisignani [mailto:[EMAIL PROTECTED]]
>Sent: 13 September 2000 7:08 a.m.
>To: [EMAIL PROTECTED]; [EMAIL PROTECTED]; [EMAIL PROTECTED];
>[EMAIL PROTECTED]
>Subject: RE: [FW1] Secure Domain Logon w/ SP2 win98 LMHOSTS entry
>
>
>Gregor,
>        I got the LMhosts file to update alright and fw1 passes the traffic
>from the client. The log shows that the PDC/BDC never responds. Any ideas?
>Nothing is in event viewer logs.
>
>        Are you using a pcanyhere or a 3rd party gina.dll file?
>
>Thanks
>
>
>
>Bob Bisignani
>
>
> >From: "Gregor Munro" <[EMAIL PROTECTED]>
> >To: "Bob Bisignani" <[EMAIL PROTECTED]>, <[EMAIL PROTECTED]> ,
> ><[EMAIL PROTECTED]> , <[EMAIL PROTECTED]>
> >Subject: RE: [FW1] Secure Domain Logon w/ SP2 win98 LMHOSTS entry
> >Date: Tue, 12 Sep 2000 07:52:23 +1200
> >
> >Bob,
> >
> >I have it going at 7 sites now on WinNT, Win98 and Win95 platforms.
> >
> >There are a couple of gotcha's in this whole thing
> >1) check yout LMHOSTS file and make sure that the PDC data is correctly
> >being inserted.
> >Be *VERY* careful with the placing of spaces as if they are incorrect, it
> >will stop it all from working!!!
> >The online documentation says to cut and paste but its a little difficult
> >from a PDF document!
> >
> >Correct format and spacings in the dnsinfo.c file:
> >(
> >     :LMData (
> >                     : (
> >                             :ipaddr (<your PDC's IP Address>)
> >                             :name (<your PDC's Name>)
> >                             :domain (<your NT Domain name>)
> >                     )
> >             )
> >)
> >
> >For Example
> >(
> >     :LMData (
> >                     : (
> >                             :ipaddr (10.0.0.1)
> >                             :name (PDC1)
> >                             :domain (SITDOM)
> >                     )
> >             )
> >)
> >
> >Note that if you are using split dns you would have another section in 
>this
> >file...
> >
> >2) If you are using NetBIOS over NAT, then you'll need to include the
> >following line in your objects.C file on the FireWall Management server.
> >:netbios_nat (true)
> >
> >3) Make sure that the dnsinfo.C file is named dnsinfo.C - ie the case on
> >the
> >name counts (and not dnsinfo.c or DNSINFO.C). Also be wary of some text
> >editors as they sometimes insert non-text characters which once again 
>will
> >stop things from working.
> >
> >Whenever you make changes to the .C files, its good practice to stop the
> >management server (and any GUI clients) make the changes and then restart
> >the management server again. Then deploy the rulebase to the firewall
> >modules.
> >
> >Go to SecureClient and update the site. Then Check the contents of your
> >winnt\system32\drivers\etc\drivers\LMHOST's file and make sure that its
> >been
> >updated.
> >
> >
> >Yours Kindly
> >Greg Munro
> >
> >-----Original Message-----
> >From: [EMAIL PROTECTED]
> >[mailto:[EMAIL PROTECTED]]On Behalf Of Bob
> >Bisignani
> >Sent: 12 September 2000 12:23 a.m.
> >To: [EMAIL PROTECTED]; [EMAIL PROTECTED];
> >[EMAIL PROTECTED]
> >Subject: RE: [FW1] Secure Domain Logon w/ SP2 win98 LMHOSTS entry
> >
> >
> >
> >Gentlemen,
> >            Have you gotten Secure Domain Logon (SDL) to work? I tried 
>this
> >using an NT and Windows 2000 Client and I was unable to get it to work. 
>The
> >PDC never answered. The log shows the request got thru but there was 
>never
> >any return answer. NT Event viewer on the PDC does not show anything
> >either.
> >Thanks
> >
> >Bob
> >
> >
> > >From: Dan Hitchcock <[EMAIL PROTECTED]>
> > >To: "'Patrick Baird'" <[EMAIL PROTECTED]>,
> > >"'[EMAIL PROTECTED]'"
> > ><[EMAIL PROTECTED]>
> > >Subject: RE: [FW1] Secure Domain Logon w/ SP2 win98 LMHOSTS entry
> > >Date: Fri, 8 Sep 2000 16:18:42 -0700
> > >
> > >I think this is what you're after:
> > >
> > >http://support.checkpoint.com/kb/docs/public/os/winnt/pdf/SDL-Prep.pdf
> > >
> > >Don't be thrown by the "NT" in the URL - the info you want is in there.
> > >
> > >Dan Hitchcock
> > >CCNA, MCSE
> > >Network Engineer
> > >Xylo, Inc. (formerly employeesavings.com)
> > >425.456.3970
> > >The work/life solution for corporate thought leaders
> > >
> > >
> > >-----Original Message-----
> > >From: Patrick Baird [mailto:[EMAIL PROTECTED]]
> > >Sent: Friday, September 08, 2000 3:30 PM
> > >To: '[EMAIL PROTECTED]'
> > >Subject: [FW1] Secure Domain Logon w/ SP2 win98 LMHOSTS entry
> > >
> > >
> > >
> > >My previous post:  [FW1] Split Horizon DNS w/ Split DNS for VPN has 
>been
> > >resolved, it is a simple matter of getting the NAT rules correct.  my
> >fault
> > >for posting.
> > >
> > >Anyway,
> > >I am reading the SDL document for win98, authored on May 22, 2000 and I
> >see
> > >the following:
> > >
> > >"To solve the issue of browsing with a win98 client, we will manually 
>add
> > >an
> > >LMHOSTS entry to the clients:
> > >
> > >##.##.##.##        "PDC-KIRK     \0X1B"    #pre
> > >
> > >Note: SP2 for CP2000 will allow central management of this entry 
>through
> > >the
> > >use of dnsinfo.C, and this document will be updated accordingly when it
> > >becomes available.  BLAH,BLAH...BLAH,BLAH"
> > >
> > >Well, i viewed this document today, have SP2 running, so I don't think 
>it
> > >was updated.  Anyway, does anyone know how to modify the dnsinfo.C file
> >to
> > >include the additional required LMHOSTS entry for win98 clients, 
>instead
> >of
> > >having to manually add the 0x1b entry to each clients lmhosts file?
> > >
> > >thanks
> > >
> > >PDB
> > >
> > >
> > >
> >
> >===========================================================================
> >=
> > >====
> > >      To unsubscribe from this mailing list, please see the 
>instructions
> >at
> > >                http://www.checkpoint.com/services/mailing.html
> >
> >===========================================================================
> >=
> > >====
> > >
> > ><< HowtoconfigureSecureDomainLogon-PreparingYourNetwork.url >>
> >
> >_________________________________________________________________________
> >Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
> >
> >Share information about yourself, create your own public profile at
> >http://profiles.msn.com.
> >
> >
> >
> >===========================================================================
>=
> >====
> >      To unsubscribe from this mailing list, please see the instructions 
>at
> >                http://www.checkpoint.com/services/mailing.html
> >===========================================================================
>=
> >====
> >
>
>_________________________________________________________________________
>Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.
>
>Share information about yourself, create your own public profile at
>http://profiles.msn.com.
>

_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.

Share information about yourself, create your own public profile at 
http://profiles.msn.com.



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
RE: [FW1] Secure Domain Logon w/ SP2 win98 LMHOSTS entry

Reply via email to
