000018034 - Check Point FireWall-1: How to challenge all HTTP access attempts without adding users and groups

Document created by RSA Customer Support Employee on Jun 16, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 2Show Document
  • View in full screen mode

Article Content

Article Number000018034
Applies ToCheck Point Firewall-1
HTTP Authentication
IssueHow to challenge all HTTP access attempts without adding users and groups
ResolutionWhen configuring the Check Point FireWall-1, the administrator can challenge all users accessing via HTTP without having to add each user to the Firewall-1 database.  It is possible to ignore the Check Point user database in regards to User Authentication.

The user should right click the "User Auth" icon in the rules and then select "Edit Properties".  There are 2 pull-down menus, one for incoming and one for outgoing, "Intersect User Database" or "Ignore User Database", select "Ignore User Database".  All access attempts will get a username and password prompt when accessing via HTTP.  The user should enter their UserID and PASSCODE.  Access via Telnet will get a UserID and PASSCODE prompt.
Legacy Article ID1.0.155735.2229836

Attachments

    Outcomes