'Re: [FW-1] LDAP'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       firewall-1
Subject:    Re: [FW-1] LDAP
From:       Yinal OZKAN <lists911 () YAHOO ! COM>
Date:       2003-05-28 17:42:29
[Download RAW message or body]

You have a chance to encrypt the LDAP traffic with SSL.
On NG FP3 go to:
Account Unit --> Servers --> Edit --> Encryption tab.
By default LDAP SSL (ldaps://) uses TCP686. (not a must).

Check your ldap server connectivity. Configuration of
ldap server varies. You may check
http://www.bayour.com/LDAPv3-HOWTO.html
for open ldap.

For MS Active Directory it is easier with MS CA. But
you still need MS High Enc. Pack. There is a good
document from CP for AD.

Command line will not use SSL by default you will need
a 3rd part ssl connector.

fyi,
- yinal ozkan

More details are available through AD conf d
--- Will Black <will@IONGEAR.COM> wrote:
> Quick question. when a user is set up to use LDAP Auth. when he connects
> to the firewall and the firewall attempts auth. Is that sent in clear
> text to the firewall, and is it encrypted from the FW to the LDAP
> server?
>
> Thanks
> Will
>
>
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to LISTSERV@amadeus.us.checkpoint.com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner@ts.checkpoint.com
> =================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV@amadeus.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com
=================================================
[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic