Check Point VPN-1/FireWall-1

Problem: Authentication with SecurID 

AERAsec Network Services and Security GmbH

 

Platform:  Linux, Solaris, and MS Windows Server
Product: Check Point Next Generation FP2
Problem: Authenticating users with e.g. VPN-1 & FireWall-1 Password is ok, but the authentication using an ACE-Server will not work. The Enforcement-Point isn't even asking the ACE-Server.
Workaround/Fix:

This is a known problem. First of all, NG should be configured correctly, i.e. the file sdconf.rec is in /var/ace (Unix) or \winnt\system32. The Enforcement-Point should also be able to ask the ACE-Server, be a registered client.
Then, you only need to exchange the library $FWDIR/lib/libcpauth.so (Unix) or $FWDIR\lib\cpauth.dll (Windows), it can be downloaded from Check Point's site. After this, the authentication works as suspected.
This patch is included since NG Feature Pack 3.

 

No warranty at all, your Feedback is welcome!
© 2002-2010 AERAsec Network Services and Security GmbH, last change 2002-10-02
back to http://www.vpn-1.de/aerasec/