[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] 4.1-SP2 Management Server problem
Thanks to all who replied. Met vriendelijke groeten - Bien à vous - Kind regards Guy ROELANDTS Compaq Software Engineer - Belgium E-mail : [email protected] Tel: +32(02)729.77.44 (options 3 - 3 - 1) Fax: +32(02)729.77.65 Hi all, I am currently facing a problem with a new installation. In fact I have a Management Server sitting behind a Firewall, let's call them MGMT and FWa, this management server serves also another Firewall, let's call him FWb. Between MGMT and FWa everything works fine, Fwb can fetch it's security policy from MGMT, but MGMT fails to push the security policy to FWb. I get the message : Authentication failed for command load, I am almost 100% sure this is a key issue, because when I disable the authentication, by modifying the control.map, everything works fine. I have done, re-done and re-done again the putkeys on both MGMT and FWb ... but it still fails, I have read quite some posting from the CheckPoint support site, from this mailing list archives and also from the Phoneboy site ... but still problems. I have re-installed the Firewall from scratch, removed the keys on both systems by editing the authkeys.C files, I have removed the client from the clients file of MGMT and removed the management server from the masters file on FWb Last thing that might be important MGMT is NATted, statically of course. Three questions : 1. is there a way to debug this ? I know you can fw fetch -d, but is there a way to do it the other way in debug mode ? 2. just to be sure, what is the exact syntax of the fw putkey command to use on both systems ? I found several different ones 3. is there a place on either MGMT or FWb where I could look for a hint ? an error ? Met vriendelijke groeten - Bien à vous - Kind regards Guy ROELANDTS Compaq Software Engineer - Belgium E-mail : [email protected] Tel: +32(02)729.77.44 (options 3 - 3 - 1) Fax: +32(02)729.77.65 ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|