CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it yet again - That's right, the 3rd edition is here!
You can read his announcement post here.
It's a massive upgrade focusing on current versions, and well worth checking out. -E

 

Results 1 to 2 of 2

Thread: Configuring AAA for Nokia Voyager

  1. #1
    Join Date
    2006-05-08
    Posts
    113
    Rep Power
    14

    Default Configuring AAA for Nokia Voyager

    I would like to configure the ssh and https login to my firewalls with AAA and TACACS+ or RADIUS authenticating against an external server (RSA or Cisco ACS). Has anyone else done this?

    Do I have to create a profile for each (ssh and https) and how do I link these two my external servers?

  2. #2
    Join Date
    2008-03-21
    Location
    Cambridge, UK
    Posts
    43
    Rep Power
    0

    Default Re: Configuring AAA for Nokia Voyager

    Quote Originally Posted by mcarey View Post
    I would like to configure the ssh and https login to my firewalls with AAA and TACACS+ or RADIUS authenticating against an external server (RSA or Cisco ACS). Has anyone else done this?

    Do I have to create a profile for each (ssh and https) and how do I link these two my external servers?
    Hi.
    Create an Auth Profile citing your RADIUS/TACACS server, probably with control 'sufficient'. Then edit the Service Profile for each service (base_prof_httpd and base_prof_sshd, auth profile column) to include the new auth profile. Some people might suggest duplicating these (base_prof_httpd_mine etc) for safety and then citing the new service profile for the service module at the top of the page.

    Anyone want to try my improved GUI for this? The AAA page annoyed me so much with the lack of dropdowns for citing profiles that I wrote my own. It is VERY ALPHA.

    http://www.ipsilonconsulting.co.uk/s...ullPlating.tgz

    Please don't distribute this version. Tested on IPSO 4.2, disk-based. Unlikely to work on diskless. Also - security warning - this version loads java widgets in your browser from a 3rd party website. I haven't integrated local copies yet. They should be trustworthy though unless someone specifically targets you and intercepts that page load. Finally - usage; you will find the new AAA page under "Firewall and other packages".

    Greg... gregharewood at mac.com

Similar Threads

  1. SecurID authentication for Nokia Voyager
    By rlambert5 in forum Check Point IP Appliances and IPSO (Formerly Sold By Nokia)
    Replies: 1
    Last Post: 2009-12-18, 22:03
  2. Replies: 7
    Last Post: 2009-10-22, 21:31
  3. Configuring VRRP on Nokia
    By gladiatorkev in forum Check Point IP Appliances and IPSO (Formerly Sold By Nokia)
    Replies: 1
    Last Post: 2008-08-06, 13:18
  4. Nokia IPSO Voyager ACL
    By fendi in forum Check Point IP Appliances and IPSO (Formerly Sold By Nokia)
    Replies: 4
    Last Post: 2008-06-16, 12:08
  5. Configuring static routes using Nokia CLI
    By tangerine0072000 in forum Check Point IP Appliances and IPSO (Formerly Sold By Nokia)
    Replies: 5
    Last Post: 2006-09-24, 16:42

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •