Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] User authentication with LDAP

To: [email protected]
Subject: [FW1] User authentication with LDAP
From: Kent Hundley <[email protected]>
Date: Wed, 29 Nov 2000 11:02:50 -0500 (EST)
Sender: [email protected]

List,

I have configured the following rule on FW1 version 4.0:

src= testgrp@any
dst= any
service= ftp
action= user auth

The testgrp@any object is a 'users access' object that references an
internal LDAP server.  All of the LDAP servers settings in the server object
on the FW-1 have been verified. (login DN, branches, password, etc)

The problem is that the FW seems to ignore the rule completely.  When an FTP
session is initiated, the FW prompts for the userid as normal.  However, the
session fails immediately if the FW userid is not configured in the local FW
database. (i.e. using the userid@fw-userid@remote-ftp-site) The FW reports
"331-aftpd: user x not found)

According to the FW log, it fails due to rule 0 with the reason being
'unknown user'.  It does not appear that the FW is attempting to check the
LDAP user database at all and simply fails when it can't find the user in
the local database.

Any help appreciated.

Regards,
Kent


 



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] Check this!
Next by Date: RE: [FW1] intrusion detection - benifits?
Previous by thread: SV: [FW1] Check this!
Next by thread: [FW1] S.F. Bay Area Firewall-1 Meeting
Index(es):
- Date
- Thread