[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] (2) Bad SIC status between NT4.0 and Linux RH6.2
Hans, Check your time and date on both management and module - they should match. I had the same error and this was the cause. Hope this helps- Will -----Original Message----- From: [email protected] [mailto:[email protected]] Sent: Wednesday, September 26, 2001 5:25 AM To: [email protected] Cc: Erik Esmeijer Subject: [FW1] (2) Bad SIC status between NT4.0 and Linux RH6.2 Hi, (1) Im evaluating Checkpoint NG with a distributed setup: - management server and management clients on Windows NT Workstation SP6a - enforcement module on Linux Redhat 6.2, kernel 2.2.19 normal communication between the two machines is ok, but when I use the Policy editor on the management host, and enter the Linux box as a gateway, it is possible to establish a trust under the Communication button, but testing the SIC status is not possible: Sic status from <host>: Not Communicating Internal SSL authentication error [ alert from peer bad certificate ] *** Contact Check Point Support *** (2) Also, when using secure update, It is not possible to attach a central license for the enforcement module. I right-click the Linux gateway that has the enforcement module installed and that I had to enter in the policy editor first, then I choose Attach Licenses... A dialog box will popup, and I select one of my licenses, and click on the Attach button. NOTHING HAPPENS. no error, nothing. (3) In both cases (1) and (2), when I run tcpdump at the Linux gateway on the interface that is connected to the management host, I will see some traffic between: linuxgw.zinopsys.nl.18191 > mgmthst.zinopsys.nl.1144 mgmthst.zinopsys.nl.1144 > linuxgw.zinopsys.nl.18191 etc.. At the same time, on the console will be logged: FW-1: cannot write to host_table My wild guess is, that checkpoint modules have an internal host_table which are needed for both SIC communication and plugging in the licenses. If, for some reason ???? the module can't write to the host_table, It also won't communicate with remote modules. Anyone who can tell me what a host_table is, where I can find it, and help it to behave in a better way? (BTW, latest hotfixes are installed on both machines) Grtz -- hansb +-----------------------------------------------------+ | Hans Bayle <[email protected]> | | Technical Consultant | | | | Zinopsys BV | | phone +31 20 6123614 | | mobile +31 6 53948140 | | fax +31 20 6123849 | | [email protected] | +-----------------------------------------------------+ -----BEGIN PGP PUBLIC KEY BLOCK----- Version: PGP 7.0.4 mQGiBDtVZSIRBADlhMHgAHggPJSHY2x1L47zxwj3seca9hdJGEmlXnNBcD3nwTrf Zm7g03cTAj3Nm1Rbdz55kZ9fs7ijYlvDAGWSkOQix7+ZWNQN4m255WNWzq/osff6 n8PNluJbmNvMQjUsYpsfFYoYVhPsWcQZwyuaDnHfnm/EO2n3uTmWEz5jLQCg/+wQ Cub/dg/Ci54D2G64KfImsDMD/2jskzfN6i1UCBV6l3GPyKBasHpKwSa2ETHvYc+N 8S90ncKykTUJwjK2hyXXGUEpCxYyTno0QEFiPMVBPBUXOUtxiUvCNZ/Jb/2zsgxk H1mJDYhrMNHkImsquEr3uHmxDcFifYLzF8d717XoThdv9t+YVK22wXdan8CaD956 Ibl/A/0SJZJB467jPc/o2lheDGN/RBGJOBxvoT58s7JpyTllj4incRC3/A8HHqco h/7RyY7IkKd7O4csPMhuLb8nvqNDJzhxSOYX1SFUcHUqLvwcRxK+vgf//ns3rzCY jvWkks3N6DtYnxOfJxEkyU5EQkOopGYMCfGqRFcefmE89HZAmbQjSGFucyBCYXls ZSA8aGFucy5iYXlsZUB6aW5vcHN5cy5ubD6JAFUEEBECABUFAjtVZSIFCwMCAQoC GQEFGwMAAAAACgkQk36sqCmCr74JHQCgqNQqt5kXe+L7DTzm3CU9MeS24/UAnRpu mO41wVIEs2ab0djwsIPt3jGkuQQNBDtVZSIQEAD5GKB+WgZhekOQldwFbIeG7GHs zUUfDtjgo3nGydx6C6zkP+NGlLYwSlPXfAIWSIC1FeUpmamfB3TT/+OhxZYgTphl uNgN7hBdq7YXHFHYUMoiV0MpvpXoVis4eFwL2/hMTdXjqkbM+84X6CqdFGHjhKlP 0YOEqHm274+nQ0YIxswdd1ckOErixPDojhNnl06SE2H22+slDhf99pj3yHx5sHId OHX79sFzxIMRJitDYMPj6NYK/aEoJguuqa6zZQ+iAFMBoHzWq6MSHvoPKs4fdIRP yvMX86RA6dfSd7ZCLQI2wSbLaF6dfJgJCo1+Le3kXXn11JJPmxiO/CqnS3wy9kJX twh/CBdyorrWqULzBej5UxE5T7bxbrlLOCDaAadWoxTpj0BV89AHxstDqZSt90xk hkn4DIO9ZekX1KHTUPj1WV/cdlJPPT2N286Z4VeSWc39uK50T8X8dryDxUcwYc58 yWb/Ffm7/ZFexwGq01uejaClcjrUGvC/RgBYK+X0iP1YTknbzSC0neSRBzZrM2w4 DUUdD3yIsxx8Wy2O9vPJI8BD8KVbGI2Ou1WMuF040zT9fBdXQ6MdGGzeMyEstSr/ POGxKUAYEY18hKcKctaGxAMZyAcpesqVDNmWn6vQClCbAkbTCD1mpF1Bn5x8vYlL IhkmuquiXsNV6z3WFwACAhAAx5mt74u1Lm1KgkN/fywCNOE4QqOOXlkyxrKzfANB 50IzhcCF+B5siyzdXwnaAv0elFjiooGXQqN5h/IGKW1LbohEfaeJWk1KHfFb4KAj 9GWuKBA/EdOro0S9/kiYEyvgy8ybN0jJ0mmgQygwoq30LXxwkj2F3rYi82LMQyvC WTUq9Vv9nsmr/KmvQZlA7VkjDV+8OZqddjs1HQP0A4Ot7F7jEOhQDsKx6iNOPjEs wbzIjf1hDwDOrm2O791mIeixKCO3nKLyuAYulXc5jn/BbZeloqLZVfgB8oAgisiK oCwE9ksBP8pZ1+cC2GvRgnPSC+8MvmoB640swxdzaR6wxn+EzoYsL8gVotf6pIPn xVPNm9Ob/UvF7veIybmTxsDYjpXQqPz3KauAISc93U89rAMLRhPDK/mqo47lYlYD XXH8izOfqgCnmrhC4hwgkjwDQlfphyTiU4a0GNPqX1hzwebAljP6PXPHaV9iKWrD lByQbi1lg4EIdardziOK8sKaN9g1FYi5CUZKj5Y8t9zM0Qv+QA1H6+HdY2eO45hf x/Vdcdn8fGEGVbXUWR4RHAktgn1qMe647fIkgIZHgBNA0M9Jc7O3bq7ckq61d3yy GWgVDk3PbPunPRO6pTvQ47n5Ay7/G0DmjoTS5cxxVscrEJhf/Hr+GD0UGUIDZlcK YMuJAEwEGBECAAwFAjtVZSIFGwwAAAAACgkQk36sqCmCr76/5ACdH/bvSyZM+Vtl oBfp567hCoSa3EwAoMqdkXW0Tr5m7tsuW7JTJHUutpt3 =PFQh -----END PGP PUBLIC KEY BLOCK----- ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|