[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] push works but fetch fails
1. When you say the "north" side, do you mean the public address of the firewall that you submitted for licensing to Check Point? If so, that would be a reasonable answer in itself. 2. When you do an fw putkey, make sure that the firewall engine and the management module are both stopped otherwise you can get unpredictable results. You do not need to perform the fw putkey for any interface other than the public, licensed interface. Try this: fw putkey -p <pwd> -n <fw public IP> <ip of mgmt module> 3. Did you update the interfaces of the firewall workstation object? David C. Diemer, CNE, CCSA Enterprise Security Firewall Engineer Georgia Department of Administrative Services (DOAS) [email protected]>>> <[email protected]> 09/12/00 04:32PM >>> Hi all, I recently changed the IP address of the north side of my firewall module (hme1). On the module, when I do a fwstart, I get a "Authentication command fetch failed" and the local policy is loaded. However, from the management console, I can push the policy down onto the module successfully. The policy is pushed onto the south side of my firewall (hme0). They're both running the same version of FW. 1) Has anyone ran into this problem before? 2) I did a fw putkey on both the console and the hme0 but NOT the hme1interface of the module. Is there any other possible cause of the problem besides doing a fw putkey for the hme1 interface also? 3) when doing a fw putkey on the management server, it breaks my connection to the other existing firewall modules. This means that besides stop/starting the fw console and the new fw modules, I also will need to do the putkey again on the existing fws and stop/start on those also. Is there anyway that I can add a module onto the console without having to resync keys with the existing fw modules? Thanks in advance, -hungdan ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|