[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] interface will not function
Dear all: We are using card 4, port 4 on a Nokia 440 (4.1) appliance that has never been used before. We turned the interface on and arps work, but when a ping has been attempted, we get the following output. TXFRW05[admin]# ping 172.23.30.250 PING Thu Aug 9 15:12:07 2001 172.23.30.250: 64 data bytes Aug 9 15:12:07 TXFRW05 [LOG_CRIT] kernel: fw_filterin: 6 (eth-s4p4c0) unknown interface We did see this on www.phoneboy.com. FireWall-1 FAQ: Adding a New Interface Without Rebooting <http://www.phoneboy.com/faq/0076.html While the FireWall-1 kernel loadable module is installed, it prevents new interfaces from coming up. To add a new interface to your FireWall-1 machine without rebooting (i.e. to do this quickly as possible), you will need to un-install, the kernel loadable module, bring up the new interfaces, re-install the kernel loadable module, and reload your security policy. Warning: Unplug yourself from the network before doing these commands this since FireWall-1 will not be able to enforce your security policy at this time. The commands are: # fw ctl uninstall < Do your ifconfig commands here > # fw ctl install # fw fetch localhost Note: FireWall-1 4.0 and later does not have this limitation, neither does FireWall-1 on IPSO. Should we follow this procedure? Has anyone else run into this before? Eric ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|