All,
Here's an issue that creeped up
on us and I'm hoping someone has a quick fix. We recently went out to make
a change to our policy within the Checkpoint GUI on our NT Management
Console. Everything went fine...added a new object and then we hit the
"install on firewall objects" - our "nokia1 & 2" came up with both selected
and we clicked on ok... that's when the problem started:
"Connection Refused..."
So we said...no problem... it's a simple fix, just
redo the keys.
Went to the Management Server, stopped the FW
service, did the 'fw putkey -p password -n management_IP module_IP
Went to the Firewall Module, stopped the FW service
(FWSTOP), did the 'fw putkey -p password -n module_IP management_IP
started the services back up on both systems - the
fetch succeeded and figured we be all set... went
to push the policy again and got the "Connection Refused"...
Tried it from the Command Prompt... fw load
standard.pf module_ip and it loaded properly...and it works!
So...my question... Why can't I push with the
GUI??? Help... this is Ipso 3.2.1, and Checkpoint 4.1 SP1...
Thanks in advance...we've been racking our brains
for 2 days on this one...
|