|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] SDL & windows 2000
Still, my SR setup including SDL does not work. Do people have it running on a ADSL line or with PPP connections? James Oryszczyn <[email protected]> wrote: >Do you have a LMhosts file with the Domain Controllers in it? I have found >that you still need to set a LMhosts file for SDL to work in W2k. > >James >----- Original Message ----- >From: <[email protected]> >To: <[email protected]> >Sent: Monday, December 17, 2001 12:18 PM >Subject: Re: [FW-1] SDL & windows 2000 > > >> James Oryszczyn <[email protected]> wrote: >> >> >W2K will have DNS and netbios traffic on a boot up. The Windows 2000 >> >machine is trying to contact the domain controllers to get machine >policys >> >and such. Capture when hit Ctrl-al-deltete and the tunnel comes up. Then >> >look for DNS traffic. >> > >> >> Hi, >> I've traced all packets leaving my SR/SC box. After startup of the >networking services the client tries to contact its DNS servers directly >without any use of SR/SC, although split DNS/ encrpted DNS is setup >correctly (it runs for a different NT box). When I now pass some random >credentials the logon fails however after that SR/SC logon window pops up. >When those credentials belong to a cached profile the logon process uses >this instead of waiting for SR to come up with the pop up window. >> >> Any further hints/ reading? >> >> Egonle >> >> >James >> >----- Original Message ----- >> >From: <[email protected]> >> >To: <[email protected]> >> >Sent: Friday, December 14, 2001 3:36 AM >> >Subject: Re: [FW-1] SDL & windows 2000 >> > >> > >> >> "Miller, Joe" <[email protected]> wrote: >> >> >> >> >Are you running W2k in Native mode or Mixed Mode? If you are running >> >> >Mixed mode, authentication will work. In native mode, however, there >are >> >> >issues with 4.1 (to be fixed in NG). >> >> > >> >> >Joe >> >> > >> >> >> >> IMHO, Native Mode and Mixed Mode are terms regarding the communication >> >between DCs not clients to a DC itself. Depending on the setup a W2K DC >is >> >able to fall-back to NTLMv2 authentication if Kerberos isn't supported by >> >the client. >> >> >> >> Anyway, after a reboot of the W2K machine my sniffer captured DNS, NBT >> >packets which the box is trying to contact directly (Encrypted DNS is >setup >> >correctly!). This points out that SecureClient/ SecuRemote is not able to >> >capture packets sent by the OS before a login process is started. >> >> >> >> After a reboot I've passed some random credentials so that a login >fails >> >for sure. After that "failed logon" securemote login window pops up and a >> >VPN tunnel is tried to open by SR. >> >> >> >> >> >> Egonle >> >> >-----Original Message----- >> >> >From: Michael S. Hobbs [mailto:[email protected]] >> >> >Sent: Thursday, December 13, 2001 10:30 AM >> >> >To: [email protected] >> >> >Subject: Re: [FW-1] SDL & windows 2000 >> >> > >> >> > >> >> >I am using Win2k with AD, running FW-1 4.1 SP2, and the latest >> >> >SecureClient for FW-1 4.1. I have SDL and SSO enabled and I am able >to >> >> >login just fine. The only problem is intermittent issues with the >login >> >> >script. Sometime it runs, sometimes it does not. >> >> > >> >> >Michael >> >> > >> >> >-----Original Message----- >> >> >From: Mailing list for discussion of Firewall-1 >> >> >[mailto:[email protected]] On Behalf Of Jim >> >> >Laverty >> >> >Sent: Thursday, December 13, 2001 7:26 AM >> >> >To: [email protected] >> >> >Subject: Re: [FW-1] SDL & windows 2000 >> >> > >> >> > >> >> >SDL does not work with Active Directory in Windows 2000, if you are >> >> >using the 4.1 version of FW-1. I confirmed this with Checkpoint. I >was >> >> >told NG would support this only. >> >> > >> >> >The srv packets never get passed through. Load up a sniffer and >capture >> >> >a local domain login to an ADS box. Then sniff the incoming >connection >> >> >from SecuRemote, you will see completely different behavior. You can >do >> >> >SDL with NT 4.0, not W2K. >> >> > >> >> >-----Original Message----- >> >> >From: Mailing list for discussion of Firewall-1 >> >> >[mailto:[email protected]] On Behalf Of >> >> >[email protected] >> >> >Sent: Thursday, December 13, 2001 4:49 AM >> >> >To: [email protected] >> >> >Subject: Re: [FW-1] SDL & windows 2000 >> >> > >> >> > >> >> >"Michael S. Hobbs" <[email protected]> wrote: >> >> > >> >> >>Yes SDL is supported in Windows 2000. >> >> >> >> >> > >> >> >Ok, I've enbled SDL on W2K (without SSO). However SecuRemote/ Client >> >> >Login window does not pop up during login, so either a cached profile >is >> >> >used or the login fails. >> >> > >> >> >Regards, >> >> > >> >> >Egonle >> >> > >> >> >>Michael >> >> >> >> >> >>-----Original Message----- >> >> >>From: Mailing list for discussion of Firewall-1 >> >> >>[mailto:[email protected]] On Behalf Of >> >> >>[email protected] >> >> >>Sent: Wednesday, December 12, 2001 2:21 PM >> >> >>To: [email protected] >> >> >>Subject: [FW-1] SDL & windows 2000 >> >> >> >> >> >> >> >> >>Hi, >> >> >>does anybody know if SDL is supported on windows 2000? >> >> >> >> >> >> >> >> >>Regards, >> >> >>Egonle >> >> >>-- >> >> >> >> >> >> >> >> >> >> >> >> >> >> >>__________________________________________________________________ >> >> >>Your favorite stores, helpful shopping tools and great gift ideas. >> >> >>Experience the convenience of buying online with Shop@Netscape! >> >> >>http://shopnow.netscape.com/ >> >> >> >> >> >>Get your own FREE, personal Netscape Mail account today at >> >> >>http://webmail.netscape.com/ >> >> >> >> >> >>================================================= >> >> >>To unsubscribe from this mailing list, >> >> >>please see the instructions at >> >> >>http://www.checkpoint.com/services/mailing.html >> >> >>================================================= >> >> >>To set vacation, Out Of Office, or away messages, >> >> >>send an email to [email protected] >> >> >>in the BODY of the email add: >> >> >>set fw-1-mailinglist nomail >> >> >>================================================= >> >> >>If you have any questions on how to change your >> >> >>subscription options, email Ron Alcatraz at: >[email protected] >> >> > >> >> >>================================================= >> >> >> >> >> >>================================================= >> >> >>To unsubscribe from this mailing list, >> >> >>please see the instructions at >> >> >>http://www.checkpoint.com/services/mailing.html >> >> >>================================================= >> >> >>To set vacation, Out Of Office, or away messages, >> >> >>send an email to [email protected] >> >> >>in the BODY of the email add: >> >> >>set fw-1-mailinglist nomail >> >> >>================================================= >> >> >>If you have any questions on how to change your >> >> >>subscription options, email Ron Alcatraz at: >[email protected] >> >> > >> >> >>================================================= >> >> >> >> >> >-- >> >> > >> >> > >> >> > >> >> > >> >> >__________________________________________________________________ >> >> >Your favorite stores, helpful shopping tools and great gift ideas. >> >> >Experience the convenience of buying online with Shop@Netscape! >> >> >http://shopnow.netscape.com/ >> >> > >> >> >Get your own FREE, personal Netscape Mail account today at >> >> >http://webmail.netscape.com/ >> >> > >> >> >================================================= >> >> >To unsubscribe from this mailing list, >> >> >please see the instructions at >> >> >http://www.checkpoint.com/services/mailing.html >> >> >================================================= >> >> >To set vacation, Out Of Office, or away messages, >> >> >send an email to [email protected] >> >> >in the BODY of the email add: >> >> >set fw-1-mailinglist nomail >> >> >================================================= >> >> >If you have any questions on how to change your >> >> >subscription options, email Ron Alcatraz at: >[email protected] >> >> >================================================= >> >> > >> >> >================================================= >> >> >To unsubscribe from this mailing list, >> >> >please see the instructions at >> >> >http://www.checkpoint.com/services/mailing.html >> >> >================================================= >> >> >To set vacation, Out Of Office, or away messages, >> >> >send an email to [email protected] >> >> >in the BODY of the email add: >> >> >set fw-1-mailinglist nomail >> >> >================================================= >> >> >If you have any questions on how to change your >> >> >subscription options, email Ron Alcatraz at: >[email protected] >> >> >================================================= >> >> > >> >> >================================================= >> >> >To unsubscribe from this mailing list, >> >> >please see the instructions at >> >> >http://www.checkpoint.com/services/mailing.html >> >> >================================================= >> >> >To set vacation, Out Of Office, or away messages, >> >> >send an email to [email protected] >> >> >in the BODY of the email add: >> >> >set fw-1-mailinglist nomail >> >> >================================================= >> >> >If you have any questions on how to change your >> >> >subscription options, email Ron Alcatraz at: >> >> >[email protected] >> >> >================================================= >> >> > >> >> >================================================= >> >> >To unsubscribe from this mailing list, >> >> >please see the instructions at >> >> >http://www.checkpoint.com/services/mailing.html >> >> >================================================= >> >> >To set vacation, Out Of Office, or away messages, >> >> >send an email to [email protected] >> >> >in the BODY of the email add: >> >> >set fw-1-mailinglist nomail >> >> >================================================= >> >> >If you have any questions on how to change your >> >> >subscription options, email Ron Alcatraz at: >> >> >[email protected] >> >> >================================================= >> >> > >> >> -- >> >> >> >> >> >> >> >> >> >> __________________________________________________________________ >> >> Your favorite stores, helpful shopping tools and great gift ideas. >> >Experience the convenience of buying online with Shop@Netscape! >> >http://shopnow.netscape.com/ >> >> >> >> Get your own FREE, personal Netscape Mail account today at >> >http://webmail.netscape.com/ >> >> >> >> ================================================= >> >> To unsubscribe from this mailing list, >> >> please see the instructions at >> >> http://www.checkpoint.com/services/mailing.html >> >> ================================================= >> >> To set vacation, Out Of Office, or away messages, >> >> send an email to [email protected] >> >> in the BODY of the email add: >> >> set fw-1-mailinglist nomail >> >> ================================================= >> >> If you have any questions on how to change your >> >> subscription options, email Ron Alcatraz at: >> >> [email protected] >> >> ================================================= >> > >> >================================================= >> >To unsubscribe from this mailing list, >> >please see the instructions at >> >http://www.checkpoint.com/services/mailing.html >> >================================================= >> >To set vacation, Out Of Office, or away messages, >> >send an email to [email protected] >> >in the BODY of the email add: >> >set fw-1-mailinglist nomail >> >================================================= >> >If you have any questions on how to change your >> >subscription options, email Ron Alcatraz at: >> >[email protected] >> >================================================= >> > >> -- >> >> >> >> >> __________________________________________________________________ >> Your favorite stores, helpful shopping tools and great gift ideas. >Experience the convenience of buying online with Shop@Netscape! >http://shopnow.netscape.com/ >> >> Get your own FREE, personal Netscape Mail account today at >http://webmail.netscape.com/ >> >> ================================================= >> To unsubscribe from this mailing list, >> please see the instructions at >> http://www.checkpoint.com/services/mailing.html >> ================================================= >> To set vacation, Out Of Office, or away messages, >> send an email to [email protected] >> in the BODY of the email add: >> set fw-1-mailinglist nomail >> ================================================= >> If you have any questions on how to change your >> subscription options, email Ron Alcatraz at: >> [email protected] >> ================================================= > >================================================= >To unsubscribe from this mailing list, >please see the instructions at >http://www.checkpoint.com/services/mailing.html >================================================= >To set vacation, Out Of Office, or away messages, >send an email to [email protected] >in the BODY of the email add: >set fw-1-mailinglist nomail >================================================= >If you have any questions on how to change your >subscription options, email Ron Alcatraz at: >[email protected] >================================================= > -- __________________________________________________________________ Your favorite stores, helpful shopping tools and great gift ideas. Experience the convenience of buying online with Shop@Netscape! http://shopnow.netscape.com/ Get your own FREE, personal Netscape Mail account today at http://webmail.netscape.com/ ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
