[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] SecuRemote timeouts

To: fw-1-mailinglist@lists.us.checkpoint.com
Subject: [FW1] SecuRemote timeouts
From: ntyni+fw-1-mailinglist@mappi.helsinki.fi (Niko Tyni)
Date: 17 Mar 2000 14:45:34 +0200
Sender: owner-fw-1-mailinglist@lists.us.checkpoint.com


Hi,
        we have a problem with SecuRemote authentication and FWZ
encryption. We have a service with ~100 users that's protected with
FW1 and used through SecuRemote. For various reasons, we don't need
'real' authentication for the encryption tunnel, so we use a single
username/password pair for all the users. Unfortunately, this seems to 
cause problems with the authentication timeouts - every user is asked
to reauthenticate every ~13 minutes, regardless of the timeout in the
User settings of the GUI or the SecuRemote settings.

Now, I found a hint in the FW1 4.0 SP2 release notes about setting
':userc_bind_to_IP (true)' in $FWDIR/conf/objects.C. However, this
doesn't seem to have the desired effect - reauthentication is still
needed, as before. Has anybody got this to work? What are the rules of 
reauthentication in a case like this?

FW1 version is 4.0 SP3, running on Solaris 2.6. 'Firewall-1 Password'
is used for the generic user. Securemote build (4005 or 4118) doesn't
seem to matter.

And yes, I've read the FAQ.

Thanks for any info,
-- 
Niko Tyni
University of Helsinki, Computing Centre


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Licensing
Next by Date: Re: [FW1] Licensing
Prev by thread: [FW1] Release 4.1 on HP-UX 11.0
Next by thread: [FW1] Encryption Failure
Index(es):
- Date
- Thread