[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] IPSO3.4/SSH
I am not trying to use the package. I am having issues with the built-in sshd daemon. -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Monday, September 10, 2001 10:48 AM To: Chris Arnold Cc: '[email protected] '; 'Jose Reyes '; [email protected] Subject: RE: [FW1] IPSO3.4/SSH IPSO 3.4 includes ssh...you don't need to add an additional package... Chad Smith Sr. Network Engineer Vertis, [email protected] Chris Arnold <[email protected]> To: "'Jose Reyes '" <[email protected]>, Sent by: "'[email protected] '" [email protected] <[email protected]> kpoint.com cc: Subject: RE: [FW1] IPSO3.4/SSH 09/09/2001 09:55 AM You need to upgrade your packages as well when you make the jump away from IPSO 3.2.1. Chris -----Original Message----- From: Jose Reyes To: [email protected] Sent: 9/7/01 11:22 AM Subject: [FW1] IPSO3.4/SSH Since I upgrade to 3.4 sshd does not want to start automatically after a reboot. I am able to start it manually but I frequently get this error message : [LOG_DEBUG] sshd-x[2937]: debug: tvp!=NULL kid 0 mili 10 IPSO 3.4-FCS4A #767:" . My setup is a IP440 upgraded from 3.2 FW1 SP2 to 3.4 FW1 SP4. I was running the F-Secure ssh package before the upgrade and disabled it. Any ideas? TIA -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Chris H Sent: Thursday, September 06, 2001 4:49 PM To: [email protected] Subject: [FW1] Strange Network Issue after FW-1 4.1 SP4 Upgrade LAN/WAN configuration: LAN (Srvs) - Router (Srvs) - Router (HQ) - LAN (HQ) - Firewall - Router - Internet LAN (Srvs) IP address 172.16.65.0/24 Router (Srvs) e0 IP 172.16.65.1/24 Router (HQ) e0 IP 172.16.60.2/24 LAN (HQ) 172.16.60.0/24 and 172.16.80.0/24 The router to router connection is a leased line frame relay connection. FW: NT FW-1 4.1 SP4 internal NIC 172.16.60.1/24 secondary address on same internal NIC 172.16.80.1/24 Issue: After Upgrading to SP4 WINTEL PCs in Srvs cant map drives on the HQ 172.16.60.0 LAN. HQ NT/WINTEL nodes can map drives on the Srvs LAN. Data: Sniffer placed in Srvs shows traffic originates from PC goes to Srvs router, and never returns. Sniffer placed in HQ show traffic from Srvc src from the HQ router to the HQ node and the HQ node sends the traffic to the FW then the FW never responds back to either node. Successful Test: Added a static route to the HQ node to point traffic from .65 back to the HQ router 172.16.60.2 and the Srvs PC maps without problem. Traffic originating in HQ can always reach nodes in Srvc. Checked: FW to make sure it has a static route pointing .65 back to Srvs. Question: Why would a node that received traffic from a router on the same segment pass the traffic to the FW at the MAC level? It knows the originator, but the sniffer shows that the HQ node just turns and passes the traffic to the FW MAC as if it thought that it originated from the FW. Anybody seen this before? Thanks __________________________________________________ Do You Yahoo!? Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger http://im.yahoo.com ======================================================================== ==== ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ======================================================================== ==== ==== ======================================================================== ======== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ======================================================================== ======== ======================================================================== ======== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ======================================================================== ======== ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|