[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] CheckPoint FireWall-1 Possible Authentication Bug?
hi there, This is the solution http://www.shmoo.com/mail/fw1/jul99/msg01197.html -----Original Message----- From: Jim Brown [mailto:[email protected]] Sent: Thursday, September 07, 2000 1:21 AM To: '[email protected]' Subject: [FW1] CheckPoint FireWall-1 Possible Authentication Bug? I am using external TACACS+ authentication with two defined groups (Group1 and Group2). Group1 contains a single local defined user (User1) while Group2 contains a single user *generic. GROUP1 USER1 GROUP2 *generic User1 is also defined in the external TACACS+ authentication database that is accessed by default using the *generic user. Group2 rules correctly authenticate the User1 name against the external database without issue using the *generic user entry. Things are fine and authentication works perfectly until....... I added User1 into Group2 in addition to the *generic mapping. Installed rulebase. Removed User1. Installed rulebase. Now any rules defined with Group2 will not work unless User1 is physically placed into Group2 or I completely delete User1 from the local firewall user database. User1 is no long processed by *generic user entry and it appears to remember the User1 was removed from Group2? I tried restarting the firewall with no luck. ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|