Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] push works but fetch fails

To: <[email protected]>, <[email protected]>
Subject: Re: [FW1] push works but fetch fails
From: "David C. Diemer" <[email protected]>
Date: Wed, 13 Sep 2000 07:25:01 -0400
Sender: [email protected]

1.  When you say the "north" side, do you mean the public address of the
firewall that you submitted for licensing to Check Point?  If so, that would
be a reasonable answer in itself.

2.  When you do an fw putkey, make sure that the firewall engine and the 
management module are both stopped otherwise you can get
unpredictable results.  You do not need to perform the fw putkey for
any interface other than the public, licensed interface.  Try this:
   fw putkey -p <pwd> -n <fw public IP> <ip of mgmt module>

3.  Did you update the interfaces of the firewall workstation object?

David C. Diemer, CNE, CCSA
Enterprise Security Firewall Engineer
Georgia Department of Administrative Services (DOAS)
[email protected]>>> <[email protected]> 09/12/00 04:32PM >>>



Hi all,

I recently changed the IP address of the north side of my
firewall module (hme1).  On the module, when I do a fwstart, I
get a "Authentication command fetch failed" and the local policy
is loaded.  However, from the management console, I can push the
policy down onto the module successfully. The policy is pushed
onto the south side of my firewall (hme0).

They're both running the same version of FW.

1) Has anyone ran into this problem before?
2) I did a fw putkey on both the console and the hme0 but NOT the
hme1interface of the module.  Is there any other possible cause
of the problem besides doing a fw putkey for the hme1 interface
also?

3) when doing a fw putkey on the management server, it breaks my
connection to the other existing firewall modules.  This means
that besides stop/starting the fw console and the new fw modules,
I also will need to do the putkey again on the existing fws and
stop/start on those also.  Is there anyway that I can add a
module onto the console without having to resync keys with the
existing fw modules?

Thanks in advance,

-hungdan




================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html 
================================================================================



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] FireWall-1 and Citrix problem.
Next by Date: Re: [FW1] Proxy ARP for Nokia IP330
Previous by thread: Re: [FW1] push works but fetch fails
Next by thread: RE: [FW1] [FW-1] Solution for Dr.Watson (0xc0000005) - VPN-1 4.1 SP2
Index(es):
- Date
- Thread