Hey list! Here's my problem...
I'm running VPN-1 4.1 SP1 on AIX for Production and
VPN-1 4.1 SP1 on NT for Testing. Not ideal, but...
In a lab environment I have successfully implemented two
independent rule setups:
1) Client Authentication (Partially Automatic) for allowing only authorized
users HTTP and HTTPS internet access
2) HTTP redirect to a "No no" page if users HTTP to somewhere that is not
implicitly allowed by the firewall.
Now I need to try to use them both together...but
I'm having trouble doing that. I've checked Phoneboy's most excellent
site and I don't see any pages that refer to what I'm trying. I know you
can do this (sort of) with User Authentication, but we can't use User Auth.
because the method of internet access authentication won't support it.
It looks like the 401 error page that is generated from a failed Client Auth.
is generated by the firewall itself and a reference to that on Phoneboy states
that there is no way to change that unless you hack the kernel...something I
can't do.
Has anyone else tried this before and was it successful?
Thanks,
Paul Mills
Data Security Analyst
CCSA, CCSE
//AMERICREDIT CORPORATION
[email protected]
#27: The data on your hard drive is out of balance.