Configuring the Firewall for Terminal Services
33
If you need to log in remotely to the firewall, you must use netacl to start the proxies. In
this configuration, administrators on either inside or outside hosts initiate TELNET
requests to the firewall, which accesses the netacl daemon. The netacl daemon checks its
permissions, and determines that the host can use TELNET. The netacl daemon starts the
proxy. The proxy prompts the user for authentication. If it is successful, the proxy
prompts the user for the host and logs the transaction. When the user indicates a wish to
connect to the firewall itself (by specifying the destination “localhost”), the netacl
daemon reviews the destination and starts the actual IRIX TELNET daemon on the
firewall, thereby connecting the user to the firewall.
Using the TELNET and Rlogin Proxies Without Network Access
Control
In this scenario, the firewall runs the TELNET (tn-gw) or Rlogin (rlogin-gw) proxies as
daemons listening for requests on the standard TELNET port (23) and Rlogin port (513).
Common policies allow inside hosts to connect without authentication, and outside
hosts to connect with authentication.
This configuration using just the TELNET and Rlogin proxies (without the netacl
daemon) prohibits running either TELNET or Rlogin on the firewall itself (which would
allow you to login to the firewall remotely). Because the proxies are running on the
standard TELNET and Rlogin ports on the firewall, all requests start the proxy. There is
no way to start the TELNET and Rlogin daemons needed to service these requests on the
standard ports.
Configuring the Firewall for Terminal Services
Configuring the Gauntlet firewall involves planning, configuring the firewall, indicating
which daemons the system will run, configuring the proxies to enforce your policy, and
adding the users who will need to authenticate to the Gauntlet user authentication
database.
Planning
1.
Determine whether you wish to allow TELNET and TN3270 connections through
the firewall.
2. Determine whether you wish to allow rlogin connections through the firewall.
Содержание Gauntlet
Страница 1: ...Gauntlet for IRIX Administrator s Guide Document Number 007 2826 004 ...
Страница 16: ......
Страница 26: ......
Страница 27: ...PART ONE Understanding the Gauntlet Internet Firewall I ...
Страница 28: ......
Страница 43: ...PART TWO Configuring and Using Proxies II ...
Страница 44: ......
Страница 50: ......
Страница 56: ......
Страница 64: ......
Страница 72: ......
Страница 94: ......
Страница 109: ...PART THREE Administering General Gauntlet Firewall Services III ...
Страница 110: ......
Страница 140: ......
Страница 146: ...120 Chapter 17 The Graphical Management Interface Figure 17 3 Gauntlet Introductory Management Form 1 of 3 ...
Страница 147: ...Introductory Management Form 121 Figure 17 4 Gauntlet Introductory Management Form 2 of 3 ...
Страница 148: ...122 Chapter 17 The Graphical Management Interface Figure 17 5 Gauntlet Introductory Management Form 3 of 3 ...
Страница 150: ...124 Chapter 17 The Graphical Management Interface Figure 17 6 Networks and Interfaces Configuration Form 1 of 2 ...
Страница 151: ...Networks and Interfaces Configuration Form 125 Figure 17 7 Networks and Interfaces Configuration Form 2 of 2 ...
Страница 155: ...Routing Configuration Form 129 Figure 17 8 Routing Configuration Form ...
Страница 162: ...136 Chapter 17 The Graphical Management Interface Figure 17 10 Proxy Servers Configuration Form 1 of 3 ...
Страница 163: ...Proxy Servers Configuration Form 137 Figure 17 11 Proxy Servers Configuration Form 2 of 3 ...
Страница 164: ...138 Chapter 17 The Graphical Management Interface Figure 17 12 Proxy Servers Configuration Form 3 of 3 ...
Страница 170: ...144 Chapter 17 The Graphical Management Interface Figure 17 13 DNS Configuration Form 1 of 2 ...
Страница 171: ...DNS Configuration Form 145 Figure 17 14 DNS Configuration Form 2 of 2 ...
Страница 177: ...Sendmail on Gauntlet Servers 151 Figure 17 15 Sendmail Configuration Form ...
Страница 187: ...Logfiles and Reports Configuration Form 161 Figure 17 20 Reports and Logfiles Form 1 of 2 ...
Страница 191: ...Authorizing Users Form 165 Figure 17 22 Authorizing Users Form ...
Страница 192: ...166 Chapter 17 The Graphical Management Interface Figure 17 23 Add User Form ...
Страница 214: ......
Страница 232: ......
Страница 233: ...Appendixes IV ...
Страница 234: ......
Страница 294: ......
Страница 305: ......