| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[FW-1] Logging on the Nokia Platform
- To: [email protected]
- Subject: [FW-1] Logging on the Nokia Platform
- From: "King, Arron S." <[email protected]>
- Date: Wed, 13 Mar 2002 13:30:47 -0500
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-index: AcHKvTMAmlmvP+1eTNSsj2yB0Ua+Vg==
- Thread-topic: Logging on the Nokia Platform
Hello,
I am having trouble with logging in my particular environment, and as I have been researching, I am not sure that I am taking the best approach or even fully understand how logging works with Firewwall-1 on the Nokia platform.
My environment: Nokia IP 440 with Checkpoint FW-1 4.1 SP1 managed by an NT4 sp6a box (soon to be upgraded to Win2k) running FW-1 GUI & management console 4.1.
The problem: We are logging a lot. The management station is happily gathering logs from the FW. After some period of time, it stops gathering logs. The NT Event Viewer shows 2 errors that seem to correspond (first: FireWall-1: fwauthd: cannot run server polsrvd: Authentication Services are unavailable. Connection refused.
Second: FireWall-1: fwauthd: will try late... (x times left) )
I've seen an article on Nokia's site about an RDP Stability Fix (Oct 2001). That sounds like it may help; but it requires me to upgrade to SP5 which also is going to require me to upgrade IPSO (My budget has been slashed, and I don't have a lab environment to do it in first, so I need to do a lot of research and would prefer to wait until I can obtain consulting $$)
In searching Nokia's site, I've seen articles on switching and exporting logs directly from the 440 itself - which brings me to a few more questions.
It sounds like I *can* do log management right on the Nokia. Is that a better way to go ? (do a logswitch, export, and then ftp over to the management station)
Logging as I understand it (on the Nokia platform) works similar to this:
The Nokia stores the logs. When the fw service is running on my NT management station, it pulls the logs down. When the service is not running on my management station, the logs accumulate on the Nokia. (which I can later pull down manually by using the -h in addition to the + or - flags on logswitch).
If the best way to fix it (and get the results that I need) are to upgrade, then that's what I'll do. Just a tad nervous about upgrading the only device that connects us to the Internet - without an easy rollback...
Thanks!
Arron
_________________________________________________
Arron King
Network & Systems Administrator
Ohio Dominican College
[email protected]
http:\\www.odc.edu\~kinga
_________________________________________________
Arron King
Network & Systems Administrator
Ohio Dominican College
[email protected]
http:\\www.odc.edu\~kinga
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
|
|
