[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] "Group" objects and consistency
Hello all, I have a strange problem and I'm hoping someone here can help. We use VPN-1 to allow access to our mail server (POP) to our remote employees. Until Sunday, the set-up was: o All of the relevant computers in a group, including the POP server. The POP server is in this group with the name "pop", which is an alias for the system with the IP address 192.168.111.24 o All of the VPN users can access it. On Sunday, we installed a new POP server, I updated the IP address of the system named "pop" in the FW-1 management tool, and reinstalled the policy. The name is the same, but the IP address is now 192.168.111.26. And many of our VPN users cannot access it. After much messing about on Monday, I found that I could "re-enable" their access by opening the user manager, choosing the "Location" tab, removing the group containing "pop" from it, immediately (without ever closing the window for that user) adding that group back, answering "No" to the question "Would you like to add members of group "Servers" individually?", closing the window for that user, and re-installing the user database. This needed to be done for every user. Shouldn't the update of the IP address of "pop" in one place take care of all of this? Am I doing something wrong? Is this a known bug? Is my description even any good? Any comments are appreciated. --andy ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|