RE: [fw-wiz] Authentication on PIX.

From: George J. Jahchan, Eng. (Firewall-Wizards_at_Compucenter.org)
Date: 09/16/03

  • Next message: hr824_at_sunwave.net: "Re: [fw-wiz] Sniffing DSL Connections" 
    To: "Firewall Wizards List" <firewall-wizards@honor.icsalabs.com>
Date: Tue, 16 Sep 2003 08:37:00 +0300

    Martijn,

    To clarify my question, here is an example of what I need to do:

    - I need to restrict access to the ssh port of servers in DMZ (from the
    inside) to users belonging to a 'server admins' group.

    The result is that port 22 from inside to DMZ is closed by default. It
    becomes accessible only after a user belonging to the 'server admins' group
    has supplied to the PIX (in encrypted form) a valid user name / password
    combo, irrespective of which 'inside' IP address they log in from.

    TIA
    -----Original Message-----
    From: mjans001 [mailto:m.jansen001@chello.nl]
    Sent: Monday, September 15, 2003 9:11 PM
    To: 'George J. Jahchan, Eng.'; 'Firewall Wizards List'
    Subject: RE: [fw-wiz] Authentication on PIX.

    First get clear what you mean.

    What services?

    Than I will answer as in systems- or infra based solution.

    There is more to Radius than most people use.

    Martijn Jansen

    -----Oorspronkelijk bericht-----
    Van: firewall-wizards-admin@honor.icsalabs.com
    [mailto:firewall-wizards-admin@honor.icsalabs.com] Namens George J.
    Jahchan, Eng.
    Verzonden: maandag 8 september 2003 12:38
    Aan: Firewall Wizards List
    Onderwerp: [fw-wiz] Authentication on PIX.

    I need to enable authentication on the PIX515 for multiple user groups,
    each group having access to a pre-defined set of services. A user can be
    part of more than one group.

    Can this be done on a PIX with Radius authentication?

    TIA

    _______________________________________________
    firewall-wizards mailing list firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

    _______________________________________________
    firewall-wizards mailing list
    firewall-wizards@honor.icsalabs.com
    http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

  • Next message: hr824_at_sunwave.net: "Re: [fw-wiz] Sniffing DSL Connections"

    Relevant Pages

    • 6.4 authentication
      ... It worked fine until I tried to restrict access to the remote directory via authentication. ... The server is running IIS / ms server 2003. ... I'm surprised that it is allowing access to a restricted directory without any authentication, ...
      (microsoft.public.windowsmedia.sdk)
    • Re: Kerberos machine authentication - apparent authentication fail
      ... > until logon), the wireless connection can kick off when it is ready. ... > was confirmed in the server event logs with IAS (i set that up as the radius ... > as an ordinary user kicks in and takes over from the machine authentication. ... > while the network sorts itself out and a double click on a network link of ...
      (microsoft.public.windows.server.security)
    • Re: Basic Authentication + IIS 5 + Windows 2000 + Frontpage 2002 = failure?
      ... SYSTEM account. ... In IIS I took the virtual server that I was testing, ... Authentication premise. ... From a website perspective, I ...
      (microsoft.public.inetserver.iis.security)
    • Need help configuring Wireless Connection profile
      ... I have an SBS 2003 server and a Server 2003 member server set up using RADIUS ... Windows authentication for all users,4129,LRG\ryanv,4149,Wireless WPA2 PEAP ... Certificate Services ...
      (microsoft.public.windowsxp.general)
    • Re: Remote Web Workplace Issues-Please help!
      ... Open the Server Management Console, ... client after Authentication" right. ... permissions, and Microsoft Windows user rights according to the KB 812614. ... Download the IIS Resource Kit tools from the following page: ...
      (microsoft.public.windows.server.sbs)