Thread: Policy Install Logs Out Client Auth Users
View Single Post
  #1 (permalink)  
Old 2005-08-14
roadrunner roadrunner is offline
Senior Member
  
Join Date: 2005-08-12
Posts: 162
Rep Power: 4
roadrunner has an average reputation (10+)
Default Policy Install Logs Out Client Auth Users
Policy Install Logs Out Client Auth Users
A policy re-install flushes certain tables, of which the client_auth table is one of. You can go into $FWDIR/lib/table.def on the management console and modify the following entry:

client_auth = dynamic sync expires AUTH_TIMEOUT;

A 'keep' needs to be added to the end of this line. It should read:

client_auth = dynamic sync keep expires AUTH_TIMEOUT;

You will need to re-install the security policy from the management console for this to take effect.

The 'keep' (which generally should be added after 'sync') will prevent the client_auth table from being flushed on a policy re-install. The only way to flush this table is to bounce FireWall-1 (fwstop; fwstart).

-- PhoneBoy - 30 Dec 2003


FAQForm
FAQs.Class: AuthenticationFAQs, TroubleshootingFAQs
OperatingSystem?:
FAQs.Version:
Reply With Quote