extranet FW-1's remote access w/ Secur-ID and NetBT auth

["Rui Ribeiro" <ruka () my-deja com>]

Hi. I am writing this message, in the hope someone has stunbled into our prob. We're creating here an extranet with 
FW-1, Secur-ID authenticated. NetBT domain authentication is also required.

Problem is, NetBT auth isn't working. It worked over a brief period of time, but I suspect it was due to a holiday 
period with low-traffic associated. (we're are now monitoring our line with MRTG). The NetBT's NT domain authentication 
always fails with a "NT domain server not found" error message. Our lmhosts file appears to be correct, with the hosts 
and domain. The local client topology file built with SecureRemote is also correct. ping works ok. More disturbingly 
yet, after failing the NT domain auth (*but being sucessfful with SecurID auth), I have access to the NT shared 
resources. (Cached credentials?)

TCP/IP connectivity is great. Terminal Server is working slowly.

We're using SecureRemote 4.0, FW-1 Build 4031 (Is it possible we're using policy editor v4.0 with FW/1 3.x?), 
ACE/server 3.31 and SecureRemote v4.0 export edition. The NT servers have installed SP4+y2k hotfixes, and the Win 98 
remote clients have the full y2k patches.

We're planning an upgrade to Citrix's Metaframe for remote work, and NetBT authentication is used for persorns who 
can't, and have the speed to work with the local files. I also have info where the Terminal Server w/ SP 5 and one or 
more hotfixes is an appropriate match for Metaframe. We will be conduncting tests shortly.

Wether the NetBT setup is apropriate in terms of bandwith, that's another matter. Peharphs a secure FTP solution wasn't 
that inapropriate, but it would be nice to have the NetBT authentication, just in case.

Regards,
Rui Ribeiro

---
Rui Fernando Ferreira Ribeiro
IT Consultant







--== Sent via Deja.com http://www.deja.com/ ==--
Share what you know. Learn what you don't.