Re: [FW-1] Firewall-1 NG FP1 Failures

[Sadir Al-khafaji <sadir@FW1-NOSPAMERICSSON.SE>]

Hmmmm... I still i have to say that no one knew what the problem was no
even support @ checkpoint. I guess some kind of bug but it vanished with
SP2. SP2 has been up for the last month beta and now final release.
PS. After debbuging i cam to the conclusion that SIC could not be
initiated and CPD dies and takes amon with it. when Amon dies you loose
connection and it is a wreck but as i said b4 i am happy with SP2

Cheers
Saidr

Don wrote:

> >                Wondering if you reinstalled the Firewall? If so then i have been through
> > this problem as far as i know when i installed FP2 it disappeared. But
> > this was related to the management module. that was installed. what i
> > recommend if you haven't done it yet is to sic_reset the firewall and
> > see if stuff works again or even better install FP2.
> I have not re-installed the firewall. This system is both the management
> console and the enforcement point. We have about 250 users behind it but
> load is not high.
>
> -Don
>
>
> > Cheers
> > Sadir
> >
> >
> >
> > Don wrote:
> >
> >
> > > In the last week I have had NG lock up on me twice for no obvious reason.
> > >
> > > I have NG FP-1 install on a Nokia IP330 running 3.4.2. The box was
> > > installed about 2 months ago and has been working smoothly.
> > >
> > > Last Thursday, the box stopped routing between the external interface and
> > > the DMZ interface. Routing between the external and internal, and both
> > > wide area interfaces worked fine as well as between the Internal and the
> > > DMZ interface.
> > >
> > > Stopping and restarting CP cleared the problem. I thought it was simply a
> > > fluke until it happened again this morning. Once again the system locked
> > > up and CheckPoint had to be restarted before it would operate correctly.
> > >
> > > The only messages in the logs are:
> > >
> > > T_event_sig_set_handler_e: invalid env 0x41000
> > > T_event_sig_set_handler_e: invalid env 0x41000
> > > fwd_log_handler: 58: Log version 20000000 supported, accept connection
> > >  XRM main >  FWD_DONOT_RESPAWN
> > > fwd_log_handler: 64: Log version 20000000 supported, accept connection
> > > AUTH_DNS: cp_freehostent() was passed NULL pointer
> > > T_event_sig_set_handler_e: invalid env 0x41000
> > > fwd_log_handler: 58: Log version 20000000 supported, accept connection
> > >  XRM main >  FWD_DONOT_RESPAWN
> > > fwd_log_handler: 64: Log version 20000000 supported, accept connection
> > > AUTH_DNS: cp_freehostent() was passed NULL pointer
> > > ...
> > >
> > > Has anyone had NG give them this sort of problem? I am going to be looking
> > > into possible network problems with the DMZ switch, however internal users
> > > can get to the DMZ even when this happens.
> > >
> > > -Don
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to LISTSERV@lists.us.checkpoint.com
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> fw-1-owner@ts.checkpoint.com
> =================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to LISTSERV@lists.us.checkpoint.com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner@ts.checkpoint.com
=================================================