Hey Guys,

I have an issue whereby I cannot ClientEncrypt off a Firewall using SecurID 
as the Authentication method.

On the Ace Server, I have defined:
(1) Firewall as a valid Client with "Secondary Node" definitions

On the Firewall, I have defined:
(1) Rule passing tcp5510 and udp5500 between Ace Server and Firewall
(2) Copied /ace/data/sdconf.rec from Ace to /var/ace on the Firewall, 
bouncing Firewall appropriately.
(3) Set User to run with IKE and Auth Scheme of SecurID. The IKE Properties 
have been set to an Auth of a Password.
(4) Defined appropriate ClientEncrypt rule and Encryption Domain

I have replicated the hosts files on each of the boxes.

I can retrieve Site happily, but on launching my session to the Encrypt 
Domain I am not asked for a PASSCODE. It accepts the Password defined under 
the IKE Properties. Strange?

As a test, I attempted tcp connections on tcp 259 to the same Firewall. I 
get the "C'Point Client Authentication Server running on ..." and I enter a 
User and Passcode appropriately. However I get the error in the Client 
Window "unable to activate SecurID auth". In the Firewall Log Viewer I get 
Communication Problems.

Note also that no node secret is created on the Ace Server under the Clients 
Window.

Thanks, Terry.
