[FW1] VPN with v4.1 and v4.0




I have a dozen firewalls, 5 of which are managed from a remote management
console, and 7 of which are managed from my management console.  I recently
upgraded my management console to CP 2000, or version 4.1.  I have no problems
managing my firewall from this.  Last night I upgraded my local firewall
gateway from v4.0 to v4.1.  I changed the object definition to reflect the
fact that the firewall is now at 4.1.  Everything seems to work just fine on
the firewall, except that now encryption is broken to all of the other
firewalls.

My 7 firewalls all use my management console for their CA, and the other 5 use
the other management console for their CA.  I was able to generate new keys
for the 4.1 firewall, which of course replaced the keys on all of my 7
firewalls.  I pushed out new policies to all of my firewalls, then got the
keys from the remote management server and pushed out policies to the 5 other
firewalls.  Basically, everybody now has new keys, and fresh policies.
Encryption still works among all of the firewalls except for mine.

The only error message I'm getting from the firewalls is "Failed to
reply scheme: FWZ" from my firewall trying to VPN to others.

From external firewalls, trying to VPN to me, I get:

"No peer gateway found for the destination sheme: FWZ"


I cloned my disk last night before the upgrade, so today I just booted
from the old disk, after changing the object definition of the firewall
to be 4.0 again.  The firewall came up just fine as a 4.0 firewall, fetched
the new policy, and encryption works again between this one and all of the
others.  What am I missing?  It doesn't seem to be a rule problem, because
it works great under 4.0.  Nothing changes in terms of the rules or the
object definition from 4.0 to 4.1 (except the box that shows the firewall
version, of course), and yet encryption breaks.

Any help would be appreciated.  Sorry for such a long post.

Jason

