|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Failed to download connection timed out
The policy you are trying to install is probably blocking connections from the Management to the module. This way, the download is successful, the install command is accepted, but the minute the policy gets installed on the module you get disconnected. Other possible cause: SP2, with it's new features, may be killing your session, something like "unknown established tcp packet". When the policy is reloaded, the state table is cleared, and your session may get dropped. Write me if you need more info on how to apply a workaround for this problem. HTH, Michael. -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Thursday, January 11, 2001 11:18 PM To: [email protected] Subject: [FW1] Failed to download connection timed out Hello Background: We are running Checkpoint 4.1 sp2 on our NT 4 firewalls. We have one master and 2 remote module firewalls using IKE and VPN. I am trying to install another remote module firewall, I can ping/tracert it by name and IP and it can ping/tracert me. The license Exchange worked fine. I just tried to install a basic ruleset for the remote module(just firewall communications and ICMP). Here is my problem: I am having problems pushing rules to the remote module. It is the strangest thing, the push "says" it timed out but the rule set installs on the remote firewall (the event log on the remote says it received a rule set, fw stat also says it has a rule set), and it logs to the master fine. Things I have tried: rebooting both boxes (it is a Microsoft product...) checked the hosts and master file and they look good. checked the control.map and it looked just like the other firewalls. The remote firewall can pull the rule set through the fw fetch command. The ping times around 112ms, so I don't think it is a timeout problem I am leaning towards a configuration problem on the module side, because I have two other firewall modules that are working fine. The remote firewall is on the other side of the pond so it is hard to diagnose if everything is OK with it Any other suggestions, I am fairly new at this, I had a Firewall consultant holding my hand for the other 2 remote firewall installs. Scott ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
