[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] IIS Authentication (NT Challenge/Response) thru FW1
Your issue may have to do with the token-passing behavior of Internet Explorer. If you are using Netscape, you're out of luck; with Internet Explorer, however, you can make some changes to improve this situation. By default, IE will only send NTLM authentication traps to sites defined as "local intranet" in Tools->Internet Options->Security. This is designed to prevent your NTLM authentication information from getting thrown at every internet site you visit. If your website appears at "local intranet" in the lower-right of your IE browser, then this is not the issue. However, if it is anything else, you can fix the issue by adding the destination website to the "Local Intranet" definition on the IE client. Hope that helps... Dan Hitchcock CCNA, MCSE Network Engineer Xylo, Inc. (formerly employeesavings.com)The work/life solution for corporate thought leaders -----Original Message----- From: Irwan Shahrin Ismail [mailto:[email protected]] Sent: Tuesday, September 26, 2000 1:17 AM To: '[email protected]' Subject: [FW1] IIS Authentication (NT Challenge/Response) thru FW1 I'm having trouble accessing our web servers (thru HTTP port 80) when using NT Challenge/Response. What happens is that I would be prompted several times for the login before I get to see a page. However, when I enable Anonymous access on IIS (as well as NT Challenge/Response), I only get prompted once for the login & password (this is partly because the default page has a few lines of codes to authenticate a user). The problem with this is that some HTML files and images (which can't include scripts to check for authentication) won't prompt the user(s) for login. Why does IIS prompt me for the login several times? Is it because each request is seen as a separate request (as it has gone through the firewall, thus source address might have been translated, etc)? I've tried changing the rules to ANY, ANY, ANY, ACCEPT, and it works! I've tested several times from different machines on the internal network (which is in the same subnet as the firewall) and they don't have any problem accessing this web server. Please advice. If possible, CC your reply to [email protected]. Appreciate any help. Thanks! ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|