NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] Management server connected to multiple networks?



If the firewall is seeing the network A IP of the management station
(expected), then the thing to do is to enter that as the IP address to allow
on the Network B firewall.  Assuming firewall B has a valid route back to
network A, you should be set.

You could also try NATing the FW control connections destined to the B
network with a translate source of the network B interface of the management
server (if you have a router handy to do the translation with, or your OS
will do that), but option #1 would be easier if it works.

Good luck!

Dan Hitchcock
CCNA, MCSE
Network Engineer
Xylo, Inc. (formerly employeesavings.com)The work/life solution for corporate thought leaders


-----Original Message-----
From: Jesse St. Laurent [mailto:[email protected]]
Sent: Friday, September 15, 2000 10:12 AM
To: [email protected]
Subject: [FW1] Management server connected to multiple networks?



I currently have a management server that is connected to two networks (A
and B). Let's say network A is 10.x.x.x and network B is 192.168.x.x. I have
a number of firewalls on the A network that are currently managed with no
problems.

I am in the process of trying to get a new firewall up on network B and not
able to push down a rulebase. I get an authentication failed. The strange
thing is that the IP referenced in the authentication failed message is the
management consoles IP on the A network.

The management server and firewall objects in question all list network B as
their primary IP. The firewall in question lists its master as the network B
address of the management server.

I have redone the putkeys several times and still no luck pushing the
policy.

Any ideas?

Thanks,
 - Jesse

-----------------------------------------------------------
 Jesse St. Laurent
 Corporate Technologies, Inc.
 www.cptech.com============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents � 2003 Network Presence, LLC. All rights reserved.