[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] SecurID
Title: RE: [FW1] SecurID Well, if you use the generic* user to authenticate your VPN users trough third party software (ACE server), you are limited because "generic* can be a part of only 1 group. So all VPN users have the same access (let's say , e-mail, or access to a certain server) If you dont mind that, it's ok. On the other hand, if you want to create different VPN groups, you'll have to use HYBRID mode IKE, and then select SecurID as authentication. BUT, how will you manage users on firewall-1 and users in ACE server(SecurID) ?? Some will say : easy !! use dbexport and import to manage users with a script !! Well, not exactly !! If you dbexport and then dbimport the user base, you'll see that the FWZ box is now checked... This bug is now under investigation at checkpoint and could be a known limitation for now... Of course, I could be wrong :-) Patrick Desnoyers
-----Original Message-----
Hi guys, We are implementing securID in our infrastructure as a way for people
Thanks Lenny Sanchez
================================================================================
|