[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] Problems with ACE authentication after upgrade to ACE 5.0
The problem still exists, but I have been able to reproduce the problem in a test environment. Thank you for the suggestions, about specifying all of the firewall interfaces as secondary nodes. I did the specification and authentication still fails on the 2nd and subsequent events. The authentication path uses a secondary interface, which is the internal address of the firewall. When I first started using 3.3.1, I failed to identify the secondary interfaces. In that environment, the node did not authenticate the first time. Here, in 5.0, sdshell works great ONCE! The failure is the same if I use fully qualified names or simple names. The failure is the same if the node is listed in the hosts or just DNS. sdinfo shows hosts file and DNS reference. ADDRESSES: By name in host file or name service or ADDRESSES: By IP address in RSA ACE/Server database I have logged a call with tech support. As I find and fix the problem, I will post the information. Note: If anyone is moving from ACE 3.3.1 to ACE 5.0, be sure to get the hotfix. The fix has two binaries, _ld_log and _ld_srv, which tolerates some administration privilege fields that are different in 5.0 vs 3.3.1 greg -- _______________________________________________________________ Greg Polanski mailto:[email protected] ADC Telecommunications, IncMSFAX PO Box 1cell/pager Minneapolis, MN [email protected] _______________________________________________________________ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|