[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW1] IPSO3.4/SSH
Since I upgrade to 3.4 sshd does not want to start automatically after a reboot. I am able to start it manually but I frequently get this error message : [LOG_DEBUG] sshd-x[2937]: debug: tvp!=NULL kid 0 mili 10 IPSO 3.4-FCS4A #767:" . My setup is a IP440 upgraded from 3.2 FW1 SP2 to 3.4 FW1 SP4. I was running the F-Secure ssh package before the upgrade and disabled it. Any ideas? TIA -----Original Message----- From: [email protected] [mailto:[email protected]]On Behalf Of Chris H Sent: Thursday, September 06, 2001 4:49 PM To: [email protected] Subject: [FW1] Strange Network Issue after FW-1 4.1 SP4 Upgrade LAN/WAN configuration: LAN (Srvs) - Router (Srvs) - Router (HQ) - LAN (HQ) - Firewall - Router - Internet LAN (Srvs) IP address 172.16.65.0/24 Router (Srvs) e0 IP 172.16.65.1/24 Router (HQ) e0 IP 172.16.60.2/24 LAN (HQ) 172.16.60.0/24 and 172.16.80.0/24 The router to router connection is a leased line frame relay connection. FW: NT FW-1 4.1 SP4 internal NIC 172.16.60.1/24 secondary address on same internal NIC 172.16.80.1/24 Issue: After Upgrading to SP4 WINTEL PCs in Srvs cant map drives on the HQ 172.16.60.0 LAN. HQ NT/WINTEL nodes can map drives on the Srvs LAN. Data: Sniffer placed in Srvs shows traffic originates from PC goes to Srvs router, and never returns. Sniffer placed in HQ show traffic from Srvc src from the HQ router to the HQ node and the HQ node sends the traffic to the FW then the FW never responds back to either node. Successful Test: Added a static route to the HQ node to point traffic from .65 back to the HQ router 172.16.60.2 and the Srvs PC maps without problem. Traffic originating in HQ can always reach nodes in Srvc. Checked: FW to make sure it has a static route pointing .65 back to Srvs. Question: Why would a node that received traffic from a router on the same segment pass the traffic to the FW at the MAC level? It knows the originator, but the sniffer shows that the HQ node just turns and passes the traffic to the FW MAC as if it thought that it originated from the FW. Anybody seen this before? Thanks __________________________________________________ Do You Yahoo!? Get email alerts & NEW webcam video instant messaging with Yahoo! Messenger http://im.yahoo.com ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================ ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|