NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW1] Single management console , VPN between two firewall modules


I've found that you need to do the following:

1) on the FW module, list both the internal and external IP address of the
mgmt server in the MASTERS file.
2) On the FW mgmt server, do a putkey with BOTH the internal and external
address of the mgmt server (ex: fw putkey <intern IP> <extern IP> <FW
Module IP>)
3) On the FW module, edit the CONTROL.MAP file (located in <FWDIR>\lib I
think) and copy the the line beginning with 'MASTERS' and paste it directly
above that same line.  Then on the line you just pasted, replace the word
'MASTERS' with the Internal IP address of the mgmt server.

This has worked for me...I'm setup in a very similar enviro.


Chad Smith
Sr. Network Engineer
Vertis, Inc."The purpose of the race is not necessarily to win, but to test the limits
of the human heart"


                                                                                                                                          
                    "lok vani" <[email protected]>                                                                                      
                    Sent by:                                    To:     [email protected]                      
                    [email protected]        cc:                                                                       
                    kpoint.com                                  Subject:     [FW1] Single management console , VPN between two firewall   
                                                                modules                                                                   
                                                                                                                                          
                    04/30/2001 08:15 AM                                                                                                   
                                                                                                                                          
                                                                                                                                          





hi,

Mgm-----------FIREWALL-A-|INTERNET|---------FIREWALL-B

two firewall modules with vpn, site to site VPN has to be established.

one enterprise management console, which is behind one of the firewall
module A is  on private ip segment.

If i Static nat management console ip address.

what ip address of Management Console should be given at Firewall B.

if i give the natted ip address also i am not able to push the policy from
the management console.

if any one has tried this ..pls let me know

regards
lokesh
_________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com.



================================================================================

     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================






================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================


 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.