[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW1] Single management console , VPN between two firewall modules
I've found that you need to do the following: 1) on the FW module, list both the internal and external IP address of the mgmt server in the MASTERS file. 2) On the FW mgmt server, do a putkey with BOTH the internal and external address of the mgmt server (ex: fw putkey <intern IP> <extern IP> <FW Module IP>) 3) On the FW module, edit the CONTROL.MAP file (located in <FWDIR>\lib I think) and copy the the line beginning with 'MASTERS' and paste it directly above that same line. Then on the line you just pasted, replace the word 'MASTERS' with the Internal IP address of the mgmt server. This has worked for me...I'm setup in a very similar enviro. Chad Smith Sr. Network Engineer Vertis, Inc."The purpose of the race is not necessarily to win, but to test the limits of the human heart" "lok vani" <[email protected]> Sent by: To: [email protected] [email protected] cc: kpoint.com Subject: [FW1] Single management console , VPN between two firewall modules 04/30/2001 08:15 AM hi, Mgm-----------FIREWALL-A-|INTERNET|---------FIREWALL-B two firewall modules with vpn, site to site VPN has to be established. one enterprise management console, which is behind one of the firewall module A is on private ip segment. If i Static nat management console ip address. what ip address of Management Console should be given at Firewall B. if i give the natted ip address also i am not able to push the policy from the management console. if any one has tried this ..pls let me know regards lokesh _________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com. ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|