| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW1] "Group" objects and consistency
Hello all,
I have a strange problem and I'm hoping someone here can
help.
We use VPN-1 to allow access to our mail server (POP) to
our remote employees. Until Sunday, the set-up was:
o All of the relevant computers in a group, including
the POP server. The POP server is in this group with
the name "pop", which is an alias for the system with
the IP address 192.168.111.24
o All of the VPN users can access it.
On Sunday, we installed a new POP server, I updated the IP
address of the system named "pop" in the FW-1 management
tool, and reinstalled the policy. The name is the same,
but the IP address is now 192.168.111.26. And many of our
VPN users cannot access it. After much messing about on
Monday, I found that I could "re-enable" their access by
opening the user manager, choosing the "Location" tab,
removing the group containing "pop" from it, immediately
(without ever closing the window for that user) adding
that group back, answering "No" to the question "Would you
like to add members of group "Servers" individually?",
closing the window for that user, and re-installing the
user database.
This needed to be done for every user.
Shouldn't the update of the IP address of "pop" in one
place take care of all of this? Am I doing something
wrong? Is this a known bug? Is my description even any
good?
Any comments are appreciated.
--andy
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
|
|
