NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] NG Firewall & NG Management + 4.1 in between


  • To: [email protected]
  • Subject: [FW-1] NG Firewall & NG Management + 4.1 in between
  • From: "Roelandts, Guy" <[email protected]>
  • Date: Wed, 20 Mar 2002 17:17:16 +0100
  • Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
  • Sender: Mailing list for discussion of Firewall-1 <[email protected]>
  • Thread-index: AcHQKrO2XPnGFJ5ERD6FcA2IDNTpiQ==
  • Thread-topic: NG Firewall & NG Management + 4.1 in between

Hello all,

    Has someone an idea on the following problem ?

    We had till a few days ago a distributed installation containing :

        - Management Server ( NG FP1)                   = 10.0.x.44 - Statically Natted to 16.x.y.215
        - Firewall in front of the Management ( 4.1-SP5)        = 10.0.x.10 & 16.x.y.103
        - Firewall on the Lan ( 4.1-Sp3)                        = 16.x.y.78

    Everything was working fine.

    Now we upgraded the 2d Firewall from 4.1-SP3 to NG FP1 and added a 3d Firewall sitting at 16.x.y.64

    The Management Server can push a security policy to all the Firewalls (both NG & 4.1)

    All the Firewalls are logging to the Management Server

    But none of the NG Firewalls can fetch their policy from the Management Server. I have looked and read
  quite some Nokia and CheckPoint knowledge base articles ... but none seem to be applicable to our case.

    Testing the sic communication from the Mgmt to the NG FW tells me they are communicating.

    What else could/should I check to make this work ?

    The error message I am getting when I try to fw fetch 16.x.y.215 is :

        Fetching Security Policy From: 16.x.y.215

        CPTA_GetPolicy - Fetch from management_natted Failed

        Where management_natted is the 16.x.y.215 NAT address from the Management server

    Thank you for nay help you could provide on this ....
Met vriendelijke groeten - Bien à vous - Kind regards
Guy ROELANDTS
EMEA GS Internet Expertise Centre - CCSA & CCSE
Compaq Software Engineer - Belgium
E-mail : [email protected]
Tel: +32(02)729.77.44 (options 3 - 3 - 1)
Fax: +32(02)729.77.65
==========================================================
This message may contain confidential and/or proprietary information,
and is intended only for the person/entity to whom it was originally
addressed. The content of this message may contain private views and
opinions which do not constitute a formal disclosure or commitment
unless specifically stated. Should you receive this message by mistake
please inform the sender immediately.
==========================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.