Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW1] Problem while upgrading Solaris 2.5 FW-1 3.0b SP8 to Nokia IP440 4.1 SP2.

To: [email protected]
Subject: [FW1] Problem while upgrading Solaris 2.5 FW-1 3.0b SP8 to Nokia IP440 4.1 SP2.
From: Alan Choyna <[email protected]>
Date: Wed, 30 May 2001 17:56:32 -0500
Sender: [email protected]

Sorry for this longish post, but l have an upgrade problem, and want to give you all information so you can better know my situation.

I have read that you can successfully upgrade from 3.0b to 41.1 SP2 as long as you upgrade via 4.0 SP5, which is what l have done.

Whilst l can now compile the ruleset and load it using the command line, l cannot access the rules/objects via the GUI (version 4.1 on an NT PC). Since we cannot verify via the GUI that the rules/objects/NAT are ok after the upgrade l cannot continue with the upgrade.

Everything seems fine until you try to access the Rule Editor with the GUI. The Nokia boots up fine, and when you start FW-1 (fwstart) both the firewall and firewall manager processes start fine, and the ruleset which l created via the command line (fwm -g ruleset.W) is found and loaded successfully.

I am fairly sure that we installed the GUI correctly on the NT PC, and that we have configured new box correctly to allow the PC as a valid GUI host. It seems to timeout whilst trying to load the rules, and hangs the GUI, leaving the NT CPU running at 100%. (even after l set the timeout option fw_comm_tout to 90 seconds).

We only have 36 rules (which l will cut down to 15 or so, after all is well) and about 100 objects, so l don't think the size of either is causing the GUI to hang.

The funny thing is that we were able to bring the rules/objects up correctly once via the GUI. The Rules and Objects looked fine, but we could not save or load changes from it (times out and hangs the Policy editor, CPU to 100%). Since then, we have had no success in bringing up the rules/objects again on the GUI.

We loaded 3.0b onto a friends Nokia IP330 and then copied the solaris 3.0b conf, database and state directories into $FWDIR. We then upgraded to 4.0 SP5, and then upgraded again to 4.1 SP2.

Phoneboy mentions to migrate from 3.0b -> 4.0 SP1 -> 4.0 SP5 -> 4.1 SP2, so l'm wondering if this is the problem.

This has me stumped and l am not just trying to save the time of manually adding all of the rules, objects and NAT to the IP440, l want to do it to avoid transcription errors. Your help and advice would be truly appreciated.

Have l missed some steps? Any clues? Has anyone done this before?

thanks in advance,

Alan.


================================================================================
    To unsubscribe from this mailing list, please see the instructions at
              http://www.checkpoint.com/services/mailing.html
================================================================================

Prev by Date: RE: [FW1] RE: NAT - Manual or Auto??
Next by Date: RE: [FW1] NIC problem with WIN2k
Previous by thread: RE: [FW1] setting it up
Next by thread: [FW1] HTTP slow through FW1
Index(es):
- Date
- Thread