[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
RE: [FW1] Management server connected to multiple networks?
If the firewall is seeing the network A IP of the management station
(expected), then the thing to do is to enter that as the IP address to allow
on the Network B firewall. Assuming firewall B has a valid route back to
network A, you should be set.
You could also try NATing the FW control connections destined to the B
network with a translate source of the network B interface of the management
server (if you have a router handy to do the translation with, or your OS
will do that), but option #1 would be easier if it works.
Good luck!
Dan Hitchcock
CCNA, MCSE
Network Engineer
Xylo, Inc. (formerly employeesavings.com)The work/life solution for corporate thought leaders
-----Original Message-----
From: Jesse St. Laurent [mailto:[email protected]]
Sent: Friday, September 15, 2000 10:12 AM
To: [email protected]
Subject: [FW1] Management server connected to multiple networks?
I currently have a management server that is connected to two networks (A
and B). Let's say network A is 10.x.x.x and network B is 192.168.x.x. I have
a number of firewalls on the A network that are currently managed with no
problems.
I am in the process of trying to get a new firewall up on network B and not
able to push down a rulebase. I get an authentication failed. The strange
thing is that the IP referenced in the authentication failed message is the
management consoles IP on the A network.
The management server and firewall objects in question all list network B as
their primary IP. The firewall in question lists its master as the network B
address of the management server.
I have redone the putkeys several times and still no luck pushing the
policy.
Any ideas?
Thanks,
- Jesse
-----------------------------------------------------------
Jesse St. Laurent
Corporate Technologies, Inc.
www.cptech.com============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================