 | ||
 URL Filtering - Authentication (WWW Unknown Server - Form has expired) | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
| Register | FAQ | Members List | Calendar | Search | Today's Posts | Mark Forums Read |
 |
| | LinkBack | Thread Tools | Display Modes |
 3 Weeks Ago | |||
| |||
 URL Filtering - Authentication (WWW Unknown Server - Form has expired) Hi, We are facing some problem with URL Filtering and LDAP Authentication on UTM-1 2050 HA. There are 2 rules about HTTP protocol. One with LDAP authentication and the other one without authentication. When the URL Filtering is enabled, people who need to be authenticated are unable to surf. They received an FW-1: Form has expired or WWW Unknown server. We sniff the traffic to understand the process of Authentication. 1) PC --> Website 2) Website --> PC (Checkpoint add header 301 not allow + location header) http://x.x.x.x/fwauthredirectx.x.x.xid0000000021 3) PC --> CP (follow the header redirect) 4) CP --> PC (header 401 popup display) 5) PC --> Website When the URL Filtering is disabled the CP doesn't add all the time the 401 header. So we do not receive the authentication popup... We found a workarround. If we define the CP as proxy in Internet Explorer everything works fine ! So the CP seems to be configured as proxy. How can we disbale this functionnality and put it in transparent mode ? In the transparent mode is there any possibilities to get URL Filtering working ? Is there any link with this issue and Security Server ? Can you explain brievly the role of Security Server ? Thanks in advance for all your comments.  |
|
| Currently Active Users Viewing This Thread: 1 (0 members and 1 guests) | |
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
