Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

RE: [FW1] 4.1-SP2 Management Server problem

To: "'[email protected]'" <[email protected]>
Subject: RE: [FW1] 4.1-SP2 Management Server problem
From: "Roelandts, Guy" <[email protected]>
Date: Thu, 22 Feb 2001 11:39:35 -0000
Sender: [email protected]

Thanks to all who replied.

Met vriendelijke groeten - Bien à vous - Kind regards

Guy ROELANDTS
Compaq Software Engineer - Belgium
E-mail : [email protected]
Tel: +32(02)729.77.44 (options  3 - 3 - 1)
Fax: +32(02)729.77.65


Hi all,

   I am currently facing a problem with a new installation.

   In fact I have a Management Server sitting behind a Firewall,
 let's call them MGMT and FWa, this management server serves also
 another Firewall, let's call him FWb.

   Between MGMT and FWa everything works fine, Fwb can fetch it's
 security policy from MGMT, but MGMT fails to push the security
 policy to FWb. I get the message : Authentication failed for
 command load, I am almost 100% sure this is a key issue, because
 when I disable the authentication, by modifying the control.map,
 everything works fine.

   I have done, re-done and re-done again the putkeys on both MGMT
 and FWb ... but it still fails, I have read quite some posting from
 the CheckPoint support site, from this mailing list archives and also
 from the Phoneboy site ... but still problems. I have re-installed
 the Firewall from scratch, removed the keys on both systems by
 editing the authkeys.C files, I have removed the client from the
 clients file of MGMT and removed the management server from the masters
 file on FWb 

    Last thing that might be important MGMT is NATted, statically of course.

   Three questions : 

  1. is there a way to debug this ? I know you can fw fetch -d, but is
     there a way to do it the other way in debug mode ?

  2. just to be sure, what is the exact syntax of the fw putkey command to
     use on both systems ? I found several different ones 
  
  3. is there a place on either MGMT or FWb where I could look for a
     hint ? an error ?

Met vriendelijke groeten - Bien à vous - Kind regards

Guy ROELANDTS
Compaq Software Engineer - Belgium
E-mail : [email protected]
Tel: +32(02)729.77.44 (options  3 - 3 - 1)
Fax: +32(02)729.77.65


============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: [FW1] RE: [Snort-users] IDS Deployment -- opinions please...
Next by Date: [FW1] SecuRemote on Win2000 with DNS and NO WINS/LMHOST
Previous by thread: RE: RE: [FW1] 4.1-SP2 Management Server problem
Next by thread: RE: [FW1] Nokia (Network Alchemy) CC 500 (Crypto Cluster) and FW1 SP2 on NT
Index(es):
- Date
- Thread