Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] AW: [FW-1] AW: [FW-1] ACE/Server and Nokia IPSO

To: [email protected]
Subject: [FW-1] AW: [FW-1] AW: [FW-1] ACE/Server and Nokia IPSO
From: Pluym Christian <[email protected]>
Date: Tue, 9 Apr 2002 13:06:09 +0200
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Hi,

the node secret should be in /var/ace/securid .
What is the timestamp on the file, maybe you had an older one?
What do the ACE/Server log say?
What say the firewall logs, is the communication between ACE Client (Nokia)
and ACE Server accepted (Port 5500/UDP)?
Make sure that the client nodename and IP defined on the ACE/Server is the
hostname as defined on Nokia.
Did you list FW interfaces which are to be used for authentication
connections on ACE/Server as "Secondary nodes"?
Do you have NAT between FW and ACE?

Before testing the authentication through SecuRemote, you should test telnet
to Port 259, or better yet, sdshell on ACE itself (the ACE/Server host must
be defined  as a client in that case).

Regards,
        Christian

> ----------
> Von:  Ahti Akel[SMTP:[email protected]]
> Antwort an:   Mailing list for discussion of Firewall-1
> Gesendet:     Dienstag, 9. April 2002 09:22
> An:   [email protected]
> Betreff:      Re: [FW-1] AW: [FW-1] ACE/Server and Nokia IPSO
>
> Thank you,
>
> Nokia box is a client.
> How do I check if it has received the "node secret" ?
>
> --
> Ahti
>
>
> On Mon, Apr 08, 2002 at 11:14:56AM -0400, Zeltser, Roman wrote:
> > Ahti,
> >
> > Check the name resolution and correct services on both machines. They
> should
> > match. It solves about 30% of problems. Run ./sdinfo and check the
> > information presented on the screen.
> > I assume that the Nokia box is a client (or it's the secondary server?).
> If
> > it's the client, than check if it has received the "node secret".
> >
> > **********************************
> > Roman Zeltser,
> > @National Computer Center,
> > RSIS & DNE
> >
> >
> >
> > -----Original Message-----
> > From: Chris Arnold [mailto:[email protected]]
> > Sent: Monday, April 08, 2002 10:09 AM
> > To: [email protected]
> > Subject: Re: [FW-1] AW: [FW-1] ACE/Server and Nokia IPSO
> >
> >
> > Perhaps you meant /var/ace/sdconf.rec?
> >
> > Chris
> >
> > -----Original Message-----
> > From: Zapf Bernhard [mailto:[email protected]]
> > Sent: Monday, April 08, 2002 8:28 AM
> > To: [email protected]
> > Subject: [FW-1] AW: [FW-1] ACE/Server and Nokia IPSO
> >
> >
> > Have you placed a copy from your sdconf.reg file (from your ACE-Server)
> into
> > /ACE/DATA on your nokia. This file will be need for communication
> between
> > firewall and ace-server
> >
> > Bernhard
> >
> > > -----Ursprüngliche Nachricht-----
> > > Von:  Ahti Akel [SMTP:[email protected]]
> > > Gesendet am:  Montag, 8. April 2002 14:52
> > > An:   [email protected]
> > > Betreff:      [FW-1] ACE/Server and Nokia IPSO
> > >
> > > Hello,
> > >
> > > Does anybody have solution, where SecuRemote users using SecurID for
> > > authentication and the VPN-1 is running on Nokia IPSO. There is
> ACE/Server
> > > on local network but it seems that Nokia box and ACE/Server does not
> > > communicate when it should.
> > >
> > > I have read through all the available instructions and troubleshoot
> guides
> > > but no result.
> > >
> > > Versions:
> > > IPSO 3.4.1
> > > VPN-1 v4.1 SP5a
> > > ACE/Server v3.3
> > > SecuRemote build 4
> > >
> > > Is there any special issues ?
> > >
> > > --
> > > Best regards,
> > > Ahti Akel
> > > CCSE
> > >
> > > =================================================
> > > To set vacation, Out Of Office, or away messages,
> > > send an email to [email protected]
> > > in the BODY of the email add:
> > > set fw-1-mailinglist nomail
> > > =================================================
> > > To unsubscribe from this mailing list,
> > > please see the instructions at
> > > http://www.checkpoint.com/services/mailing.html
> > > =================================================
> > > If you have any questions on how to change your
> > > subscription options, email
> > > [email protected]
> > > =================================================
> >
> > =================================================
> > To set vacation, Out Of Office, or away messages,
> > send an email to [email protected]
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > [email protected]
> > =================================================
> >
> > =================================================
> > To set vacation, Out Of Office, or away messages,
> > send an email to [email protected]
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > [email protected]
> > =================================================
> >
> > =================================================
> > To set vacation, Out Of Office, or away messages,
> > send an email to [email protected]
> > in the BODY of the email add:
> > set fw-1-mailinglist nomail
> > =================================================
> > To unsubscribe from this mailing list,
> > please see the instructions at
> > http://www.checkpoint.com/services/mailing.html
> > =================================================
> > If you have any questions on how to change your
> > subscription options, email
> > [email protected]
> > =================================================
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: Re: [FW-1] SOS!!. can't telnet after upgrading!!-Update
Next by Date: Re: [FW-1] ISP blocking IKE
Previous by thread: [FW-1] AW: [FW-1] AW: [FW-1] ACE/Server and Nokia IPSO
Next by thread: [FW-1] ISP blocking IKE
Index(es):
- Date
- Thread