NFR Wizards Archive: Authentication Failure



Joe Ippolito - President SVNPA (joejoesnet.com)
Thu, 19 Mar 1998 16:05:12 -0800


Some time ago we installed the enterprise version of Firewall-1 on NT 4.
Recently I tried to install two more firewall only modules and get
authentication failures. The error message in the remote server's event
log is: "Log authentication with <ip address of management server> failed".
The error message in the management server's event log is: "Authentication
with <management server> for command log failed". When I try to install a
security policy from the GUI client I get: "Authentication for command
load failed; Failed to Install Security Policy on <remote firewall>:
Unauthorized action".

Another strange thing that happens is that when I try to connect to the
management server/firewall with a GUI client on the outside I get the
eternal loading objects screen. If I install an ANY ANY ANY rule on the
firewall I can then load objects at the remote GUI client. Even after I
put the previous policy back in I can still get in remotely several times
before I get the eternal loading objects screen.

The IP address of the remote firewall is in the configuration at the
management server and the master IP address is in the configuration for the
remote and the passwords match. Both machines have NT SP 3 and all
hotfixes. Firewall-1 build is 3045b no VPN or DES.

The applicable lines of our control.map are:

MASTERS: stat,getkey,gettopo/none */fwa1
CLIENT : load,db_download,fetch,log/fwa1 */none
* : stat,getkey,gettopo/none unload,ioctl,load,db_download/deny
  */fwa1

Is */fwa1 appropriate?

Any ideas/suggestions would be greatly appreciated.
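
Added example, not part of the original post and not Check Point code: a small Python reader for the control.map lines quoted above that reports which authentication method each peer entry yields for the commands named in the error messages (log, load). It assumes the wrapped third line is one logical line and that the first matching peer line and first matching command group win; parse_control_map, resolve and the OTHER label are hypothetical names.

```python
# Added example: resolve the auth method a control.map assigns to a command.
# Assumptions (not stated in the post): the first line whose peer field
# matches wins, and within it the first group naming the command (or "*") wins.

# Constructed from the three lines quoted in the post; the wrapped third
# line is joined back into one logical line.
CONTROL_MAP = """\
MASTERS: stat,getkey,gettopo/none */fwa1
CLIENT : load,db_download,fetch,log/fwa1 */none
* : stat,getkey,gettopo/none unload,ioctl,load,db_download/deny */fwa1
"""


def parse_control_map(text):
    """Return [(peer, [(commands, method), ...]), ...] in file order."""
    rules = []
    for lineno, line in enumerate(text.splitlines(), 1):
        if not line.strip():
            continue
        peer, sep, rest = line.partition(":")
        if not sep or not rest.strip():
            raise ValueError(f"line {lineno}: expected 'peer : cmds/method ...'")
        groups = []
        for token in rest.split():
            cmds, slash, method = token.rpartition("/")
            if not slash or not cmds or not method:
                raise ValueError(f"line {lineno}: bad group {token!r}")
            groups.append((frozenset(cmds.split(",")), method))
        rules.append((peer.strip(), groups))
    return rules


def resolve(rules, peer, command):
    """Auth method for `command` from `peer` (a label such as MASTERS), or None."""
    for rule_peer, groups in rules:
        if rule_peer not in (peer, "*"):
            continue
        for commands, method in groups:
            if command in commands or "*" in commands:
                return method
        return None  # peer line matched but no group covers the command
    return None


if __name__ == "__main__":
    rules = parse_control_map(CONTROL_MAP)
    for peer in ("MASTERS", "CLIENT", "OTHER"):  # OTHER: hypothetical label
        for command in ("log", "load"):          # commands in the error messages
            print(f"{peer:8} {command:5} -> {resolve(rules, peer, command)}")
```

Running the same resolution over the control.map from each machine and comparing the results per command shows at a glance where the two files disagree.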



This archive was generated by hypermail 2.0b3 on Sat Jul 17 1999 - 07:10:40 CDT