{"id":57,"date":"2008-07-31T14:47:57","date_gmt":"2008-07-31T14:47:57","guid":{"rendered":"https:\/\/fir3netwp.gmsrrpobkbd.com\/2008\/07\/31\/authentication-in-checkpoint\/"},"modified":"2021-07-24T19:35:11","modified_gmt":"2021-07-24T19:35:11","slug":"authentication-in-checkpoint","status":"publish","type":"post","link":"https:\/\/www.fir3net.com\/Firewalls\/Check-Point\/authentication-in-checkpoint.html","title":{"rendered":"Check Point – Authentication"},"content":{"rendered":"
When adding an authentication action to a rule there are 3 types, <\/span><\/p>\n User<\/strong> authentication works by intercepting connects going through the FW-1 and prompting the user for authentication. To do this the firewall has to modify the traffic, so this authentication type can only be used with FTP, HTTP, Telnet and RLOGIN. <\/span><\/p>\n Session<\/strong> authentication uses software installed on the clients machine. When the rule with session authentication is hit, the firewall tries to connect to the agent on the clients machine on port 261, a authentication dialog box is then presented to the user. This works on all protocol. <\/span><\/p>\n Client<\/strong> authentication acts on authenticating the machine. The user is required to connect to the FW-1 gateway address on either port 259 (telnet) or 900 (HTTP). Once the user has authenticated the machine IP will be permitted. Rule Base Order<\/strong><\/span><\/p>\n With authentication rules the standard top to bottom doesn’t apply. The firewall will check to see if there are any rules that match any non authentication rules first.<\/span><\/p>\n So where do I put my rules ??<\/span><\/p>\n <\/span><\/p>\n Using the above example access to any host would be accepted using the accept rule. Where as access to 64.20.35.155 would use the client auth rule.<\/p>\n","protected":false},"excerpt":{"rendered":" When adding an authentication action to a rule there are 3 types, User Session Client User authentication works by intercepting connects going through the FW-1 and prompting the user for authentication. To do this the firewall has to modify the traffic, so this authentication type can only be used with FTP, HTTP, Telnet and RLOGIN. … Read more<\/a><\/p>\n","protected":false},"author":2,"featured_media":56,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"footnotes":""},"categories":[17],"tags":[],"yoast_head":"\n\n
\n
<\/span><\/li>\n
<\/span><\/li>\n<\/ul>\n\n
<\/span><\/li>\n
<\/span><\/p>\n\n
\n