Solved

Multiple password prompts in checkpoint

Posted on 2002-07-10
5
245 Views
Last Modified: 2013-11-16
We have a checkpoint firewall running on a sun box with solaris 8.
I personaly do not manage the unit, but have been unable to get a solution to this problem.

On our client machines upon accessing the internet you need to provide your username and password.(once)
Over the last few months different users have been complaining that they are now being prompted 2 and three times for a password when using the internet. Once this happens they will always be prompted multiple times.
The clients are windows 98/me and one with win 2000. Most have IE6 or IE5.5 installed. The websites are not restricted sites, happens when opening the browser up and it goes to the start page. Once on the internet usually do not get prompted again.
0
Comment
Question by:fawking
[X]
Welcome to Experts Exchange

Add your voice to the tech community where 5M+ people just like you are talking about what matters.

  • Help others & share knowledge
  • Earn cash & points
  • Learn & ask questions
5 Comments
 
LVL 1

Expert Comment

by:m4rc
ID: 7150264
questions:
what version and what feature pack of fw-1 are you using?
what type of authentication are you using?
is there a checkpoint client running on the desktops?

checkpoint has three types of authentication methods,
User Authentication, Session Authentication, and Client Authentication.  (dont try to figure out what they do by the name, it doesnt quite make sense)

anyway, on the firewall when you set up to allow ppl to go through, you can set the auth type, and for some there is also a timeout involved, like maybe Suzy can use the web for 15 mins, then reauthenticate.  or Suzy can use the web until she has 15 mins of no activity.  etc.

so those users may be hitting one of those limits in the rules.  check the rules and see what the settings are.

marc
0
 
LVL 2

Expert Comment

by:edmonds_robert
ID: 7154714
I had this problem on a network running Raptor firewall.  It's been a while, but I believe the solution was rather simple.  Making sure the browser on the client PC had the IP address of the proxy server set in the "Connections" settings in Internet Explorer.  Just something to check.
0
 
LVL 23

Expert Comment

by:Tim Holman
ID: 7154785
Sounds like session authentication has been setup.  This authenticates users everytime they start a new session.
Do you have access to the management station at all ?
This is a feature that someone's evidently implemented without consulting their user base !
Who's Suzy ?
:)
0
 
LVL 5

Expert Comment

by:zenlion420
ID: 9711631
Hey people,

No comment has been added in roughly 1 year, so it's time to clean up this TA.
I will leave a recommendation in the Cleanup topic area that this question
be PAQ'd and pts forfeited.
Please leave any comments here within the next seven days.

PLEASE DO NOT ACCEPT THIS COMMENT AS AN ANSWER!

Zenlion420
EE Page Editor
0
 

Accepted Solution

by:
YensidMod earned 0 total points
ID: 9759238
This question is PAQed  and no points refunded (of 100).

YensidMod
Community Support Moderator
0

Featured Post

What Is Transaction Monitoring and who needs it?

Synthetic Transaction Monitoring that you need for the day to day, which ensures your business website keeps running optimally, and that there is no downtime to impact your customer experience.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Auditing domain password hashes is a commonly overlooked but critical requirement to ensuring secure passwords practices are followed. Methods exist to extract hashes directly for a live domain however this article describes a process to extract u…
Here's a look at newsworthy articles and community happenings during the last month.
With Secure Portal Encryption, the recipient is sent a link to their email address directing them to the email laundry delivery page. From there, the recipient will be required to enter a user name and password to enter the page. Once the recipient …
The Email Laundry PDF encryption service allows companies to send confidential encrypted  emails to anybody. The PDF document can also contain attachments that are embedded in the encrypted PDF. The password is randomly generated by The Email Laundr…

696 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question