[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] User authentication with LDAP
List, I have configured the following rule on FW1 version 4.0: src= testgrp@any dst= any service= ftp action= user auth The testgrp@any object is a 'users access' object that references an internal LDAP server. All of the LDAP servers settings in the server object on the FW-1 have been verified. (login DN, branches, password, etc) The problem is that the FW seems to ignore the rule completely. When an FTP session is initiated, the FW prompts for the userid as normal. However, the session fails immediately if the FW userid is not configured in the local FW database. (i.e. using the userid@fw-userid@remote-ftp-site) The FW reports "331-aftpd: user x not found) According to the FW log, it fails due to rule 0 with the reason being 'unknown user'. It does not appear that the FW is attempting to check the LDAP user database at all and simply fails when it can't find the user in the local database. Any help appreciated. Regards, Kent ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|