Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Weirdness with SP3

To: <[email protected]>
Subject: [FW1] Weirdness with SP3
From: "Julius Oklamcak" <[email protected]>
Date: Sun, 7 Jan 2001 18:31:15 -0800
Importance: Normal
Sender: [email protected]

We've been using FireWall-1 for several years now. Lately, each new service
pack is met with apprehension. Did they fix the problems we've been running
into? What did they break this time?

Alas, FW-1 4.1 SP3 has been no different...

On one machine, the sacrificial goat, I get the following sequence of
messages, newest to oldest, in the event log during boot up (WinNT 4.0
Server w/SP6a):

  Error: FW1SVC: Fetching Security Policy from localhost failed
  Error: FireWall-1: Using external interface 'E100B1'
  Info: FW1SVC: Setting fwforwarding suceeded
  Error: FireWall-1: fw_ctl_forwarding: setting to 2
  Error: FW1SVC: Fetching Security Policy from localhost failed
  Info: FireWall-1: Remote FireWall MGICAZ is connected
  Error: FireWall-1: Using external interface 'E100B1'
  Error: FireWall-1: fw: no license for 'routers'
  Info: FireWall-1: FireWall-1 server is running
  Info: FireWall-1: FireWall-1 Management Server is running
  Info: VPN-1 Accelerator Card is not available

At first, I would simply go in and re-install the policy and things would
work just fine. After some diddling around with this infernal software this
weekend, turns out that if you leave the machine alone for about 10-15
minutes, the security policy somehow ends up getting loaded and everything
works just fine. Yet the last message in the event log is "Fetching Security
Policy from localhost failed". Go figure.

Since this service pack did fix one thing, hundreds of event log entries
about an error copying some 55-odd bytes, this service pack was install on a
machine at another location with a very identical setup as far as hardware,
software, rules and so on. Guess what? The last message in the event log
says that fetching the security policy worked. Go figure.

A minor beef is that for information messages, or alerts, FW-1 writes it
into the event log as an error. 'scuse me, "Using external interface
'E100B1' " and "fw_ctl_forwarding: setting to 2" are errors? Right.

So tell me, who writes this stuff and just who QA's it? Kids at home at the
kitchen table in their underwear? For the price we pay for this software, we
should not be seeing this kind of silliness.

BTW, CheckPoint, "suceeded" is spelled "succeeded".

Thanks for listening.



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] Strange Log Entry
Next by Date: [FW1] what is the port number for exceed program?
Previous by thread: [FW1] LDAP user name
Next by thread: [FW1] what is the port number for exceed program?
Index(es):
- Date
- Thread