Andy,
I think I have an answer to your first question. You might try using
the Firewall-1 mailing list for questions as well. As a general
safegaurd, you should probbably upgrade to the latest version (2.1c)
of Firewall-1. We have seen various problems with earlier versions.
On Wed, 15 Jan 97 09:06:54 +0700, you wrote:
>Item Subject: Message text
>Hello everybody,
>
>
>I have few questions when installing FW-1 Ver 2.1a running on HPUX Rel.
>10.01 series 700.
>
>1. This is the rule base :
>
> source destination service action track
> anyusers @
any any HTTP User Authentication Long
>
>
> I have set the proxy from the client machine with the Firewall's IP
> Address. and then the dialog authentication shows up, and I fill in
>the
>
> username= "andy" and password ="andy", and from the browser shows an
> error message :
>
> Error 407
> FW-1 at Firewall : Unauthorized to access the document.
> . Authorization is needed for Fw-1
> . The authentication required by Fw-1 for andy is : unix password
> . Reason for failure of last attempt : fw-1 rule.
>
> From the book "Firewall Architecture and admin", It says that the
> firewall-1 password was correct, but the user was not authorized
>because there was no matching rule in the rule base.
>
> So ? Anybody know the solution, if we get an error message like that
>?
Open the Properties dialog box for the user and go to the Location tab
to check to see which destinations the user is allowed to access.
If the option "Intersect with user database" is chosen in the
Properties of the rule, then FW-1 will check the user properties to
see if they are allowed to acess the destination.
Regards,
- brett
beldridg @
cup .
hp .
com
References:
|
|
