NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] NG - UNACCEPTABLE


  • To: [email protected]
  • Subject: Re: [FW-1] NG - UNACCEPTABLE
  • From: Aeon Hale <[email protected]>
  • Date: Wed, 9 Jan 2002 07:59:36 -0500
  • Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
  • Sender: Mailing list for discussion of Firewall-1 <[email protected]>
  • Thread-index: AcGZDT0JzlNP52aRRue6bh1Hb5A30AAABVSw
  • Thread-topic: Re: [FW-1] NG - UNACCEPTABLE

I"m trying to load NG FR1 on 2k and i'm getting "unable to rename
fw_w2k.sys" during the install.  Before that, I received an error
"cannot load Fw kernel".  Any ideas?  I have sucessfully installed NG on
2k before this, but this server is giving me grief.

-----Original Message-----
From: James Oryszczyn [mailto:[email protected]]
Sent: Tuesday, January 08, 2002 11:32 PM
To: [email protected]
Subject: Re: [FW-1] NG - UNACCEPTABLE


I think they are Crazy.  I have Implement NG FR1 and it works great. I
have
put it on a W2k machine with no problems.  NG without FR1 is very buggy
and
unstable, but I feel that NG FR1 is stable.

James
----- Original Message -----
From: "Anthony Mann" <[email protected]>
To: <[email protected]>
Sent: Tuesday, January 08, 2002 8:39 PM
Subject: [FW-1] NG - UNACCEPTABLE


> I caught the tail end of this thread. Could someone please email the
> complete discussion?
>
> We were going to implement NG within the month...
>
> -----Original Message-----
> From: Mailing list for discussion of Firewall-1
> [mailto:[email protected]] On Behalf Of
> Zeltser, Roman
> Sent: Thursday, January 03, 2002 5:13 PM
> To: [email protected]
> Subject: Re: [FW-1] NG - UNACCEPTABLE!!! Re: WAS Is NG ready for
general
> use ?
>
> My coworkers said: do not run NG on Wintel!
>
> **********************************
> Roman Zeltser,
> @National Computer Center,
> RSIS & DNE
>
>
>
> -----Original Message-----
> From: Mark Whitworth [mailto:[email protected]]
> Sent: Thursday, January 03, 2002 2:51 PM
> To: [email protected]
> Subject: [FW-1] NG - UNACCEPTABLE!!! Re: WAS Is NG ready for general
use
> ?
> Importance: High
>
>
> I know someone asked if NG was ready for general use, and others have
> been
> asking how soon they could get it.  I would like to mention some
> problems
> we've seen and see if anyone else has seen the logging issue
> specifically,
> and I would wholeheartedly say that if you upgrade - BEWARE!!
>
> We have been running FW-1 for years on multiple firewalls, all Wintel
> boxes.
> Most recently, we were on 4.1 with the latest service packs on top of
NT
> 4.0
> SP6a.  We upgraded in a rolling fashion onto clean Win2K installs and
> tried
> to import our objects/policies as instructed. Following the
instructions
> on
> how to do this and in various FAQs yielded only hours of frustration.
> We
> had to rebuild from scratch.
>
> Although we got our site-site VPNs up, we have seen a multitude of
other
> errors.  DNS/AD errors via the site-to-site VPN that did not
previously
> exist, and which do not occur when tunneled alternatively via
> Netscreens.
> Securemote failures due to missing SKU line items on paid-for (not
eval)
> licenses from the Checkpoint site!!!!  Intermittent object errors on
> policy
> verification on objects that have not been modified in any way.
Errors
> on
> trying to delete objects, with advice to contact technical support.
To
> top
> it off, BSODs on multiple installs of FP1.
>
> Actually, there is even one more issue we've seen which rivals the
> BSODs.
> We have "front door" and "back door" firewalls which protect different
> numbers of hosts.  The front door firewalls have always had unlimited
> licenses, while the back door firewall had a 250 count license because
> we
> have roughly that many hosts.  In our 4.1 and even mixed 4.1-NG
> environments, we saw no logging issues.  However, as soon as we took
the
> back door firewall to NG, now when it detects "too many internal hosts
> (typically due to transient laptops), it logs an error to our central
> management station and ALL firewalls stop logging!!!!!  Actually, at
> some
> point we still see logged events, but it ultimately fails and no items
> after
> that error are displayed in the gui any more.  To reinitiate, you have
> to
> clear the appropriate files, CPSTOP/CPSTART, and reinstall putkeys.
> Talk
> about the most screwed up thing ever.  TOTALLY UNACCEPTABLE, and if
any
> of
> you are on this borderline, I recommend you not upgrade.  We will
likely
> upgrade our license, but this is not the manner in which this should
> have
> been handled.  I requested an eval license and even though Checkpoint
> technical support told me this was not the issue, and we had no
logging
> problems until the day after it expired.  Same issue.
>
> These items have all been reported to and ignored by Checkpoint.
> Largely
> the reason we are evaluating other products.
>
> Mark Whitworth
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.