[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Lost ability to control VPN through the GUI?
Howdy, I have the following setup: - firewall A FW-1/VPN-1 4.1 (Solaris on Sparc) - firewall B FW-1/VPN-1 NG (Solaris on Sparc) - management console FW-1/VPN-1 NG (Solaris on Sparc) - GUI client NG (Win2k on Intel) A VPN is set ip between the two firewalls, they are both managed from the same management console. Everything runs fine however I have suddenly lost the ability to control the VPN part through the GUI (VPN-1 section doesn't show up anymore in the Global settings dialog; VPN options for the firewall objects are blank). The VPN itself is still working however. I have tried reinstalling the GUI a number of times (using NG, NG-HF2, NG-FP1) on different platforms (Win98, WinNT, Win2k) but that doesn't make any difference. The only thing I can think of that changed recently is the following: the initial setup was made using an evaluation license on the management console (due to problems with the upgrade of a license). This license has now expired but I installed the actual licenses. So my best guess is that there is something wrong with the licenses. I have the following license features configured: - CPFW-ENC-U-NG module = firewall A management = management server - CPFW-EPC-U-NG module = firewall A management = management server - CPVP-VFM-U-NG module = firewall B On the management console the following licenses are installed (edited to protect the innocent): management.[admin]# cplic print Host Expiration Features ID-firewallB Never CPVP-VFM-U-3DES-NG CK-xxxxxx ID-Management Never CPFW-EPC-U-MGMT-NG CK-xxxxxxxxxxxx ID-Management Never CK-xxxxxxxxxxxx ID-firewallA Never CPFW-EPC-U-MODULE-NG CK-xxxxxxxxxxx (Note the 3d line doesn't show the features, I have no idea why) Is there any way except cplic print to check which abilities the management console thinks it has. I can't find anything in the logfiles. The support guy from my supplier stated that I have to upgrade firewall A to 4.1, however this is currently not possible (heavily used production system) and I would be very suprised if this is the problem. After all NG is supposed to be able to manage 4.1, and it did work fine at the time of installation (using the eval license). Anybody experienced anything like this? Any idea how to get the VPN back? Thanks in advance, Nico --------------------------------------------------------- "It has been said that there are only two businesses that refer to customers as users: illegal drug trade and the computer industry." --------------------------------------------------------- Nico De Ranter Sony Service Center (SDCE/VPE-B) Sint Stevens Woluwestraat 55 (Rue de Woluwe-Saint-Etienne) 1130 Brussel (Bruxelles), Belgium, Europe, Earth Telephone: +32 2 724 86 41 Telefax: +32 2 726 26 86 e-mail: [email protected] ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|