I've been thinking of going the LDAP route too. If I have an existing
OpenLDAP server in-house, do I need to add any license to my FW-1 in
order to auth users with their LDAP password?
Thanks,
-Steve
CryptoTech wrote:
>
> Michael,
> Yes and no. If all you want is a basic 'who is this user', then you can define a
> radius server in the firewall and create a user generic* and use that user (actually
> a group containing that user, like the default 'all groups') in your auth rule.
>
> Otherwise, you can get a license for account management and create 'shadow groups',
> or mappings between firewall groups and ldap groups or containers and use those in
> your rulebase.
>
> CT
>
> [EMAIL PROTECTED] wrote:
>
> > Can Checkpoint use an outside authentication method to authenticate users?
> >
> > I'm looking to force authentication for internal people browsing the web
> > but don't want to put every user in Checkpoint's user list.
> >
> > I have an LDAP server I can authenticate to, or I could set up a radius
> > server as a gateway.
> >
> > Michael Breton
> > Geiger
> > (207) 755-2338
> >
> > ================================================================================
> > To unsubscribe from this mailing list, please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > ================================================================================
>
> ================================================================================
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> ================================================================================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
