Greetings!
Philippe Oechslin schrieb:
> Does anybody know of a way to do client authentication on FW1 without password
> prompting. To make things worse, I am in a DHCP environment and thus cannot on
> IP addresses.
One weird idea: use hardware authentication (e.g. certificate smartcards) to enable
a VPN from inside to outside
(I said that that is weird, didn't I?)...
> If it is not possible with FW1, does anybody know another simple way to achieve
> this. I think MS-proxy does something like this by looking up if a user is
> logged in an NT Domain. An NT-independant solution would be preferred.
This is the dreaded Microsoft Proxy - using NTLM authentication (compatible only
within pure MS environment). Now the fabulous Samba/Squid crew programmed a mode
compatible to that MS quirk. You need to use MS-IE and be authenticated against the
NT domain the proxy is querying, though.
Bye
Volker
--
Volker Tanger <[EMAIL PROTECTED]>
Wrangelstr. 100, 10997 Berlin, Germany
DiSCON GmbH - Internet Solutions
http://www.discon.de/
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
