Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] AW: [FW-1] FW NG Gui Client Error.

To: [email protected]
Subject: [FW-1] AW: [FW-1] FW NG Gui Client Error.
From: "Schaar, Norbert" <[email protected]>
Date: Thu, 2 May 2002 09:37:36 +0200
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

In NG you will find this file (manage.lock) in the $FWDIR/tmp directory. But
it is not sufficient to simply remove this file (as it was with 4.1 and
previous versions), you just have to stop and start the management process.

So you sould use "fwstop -proc" to bring the FW-1 processes down (but
remaining the policy active, if there is any) and "fwstart -f" to restart
them.

The explanation of the two commands extracted from CP Reference Guide:

Furthermore, in FireWall-1 NG there is the ability to run "safe fwstop".
This Allows the FireWall-1 administrator to take down the FW processes (i.e
fwstop) for maintenance without exposing the FireWall machine to attacks.
Usage:  'fwstop -default' - kills the FireWall processes and loads the
Default Filter
        'fwstop -proc' - kills the FireWall processes but keeps the current
kernel policy.

fwstop [-default | -proc]
-proc Kills VPN-1/FireWall-1 processes (fwd, fwm, vpnd, fwssd).
Logs, kernel traps, resources, and all security server connections stop
working.
The Security Policy remains loaded in the kernel. Therefore rules with
generic allow/reject/drop rules, based only on service, continue working.

fwstart -f loads the VPN/FireWall Module and starts the following processes:
  The FireWall-1 daemon (fwd), which creates the VPN-1 daemon (vpnd).
  The Management Server (fwm).
  VPN-1/FireWall-1 SNMP daemon (snmpd).
  The authentication daemons (these are started when needed).

Regards.
Norbert

Norbert Schaar
DREGIS Dresdner Global IT-Services
Network-Security & Internet Technology

-----Ursprüngliche Nachricht-----
Von: Bill Osterman [mailto:[email protected]]
Gesendet: Dienstag, 30. April 2002 18:01
An: [email protected]
Betreff: Re: [FW-1] FW NG Gui Client Error.


I believe this will help you:

....in the $FWDIR/log directory there is a manage.lock file. Itis created
when a user logs in with the GUI client. If for some reason the session is
dropped and that file is not removed you could have this problem. If you cat
this file it will indicate who the user is.

Remove this file to clear the problem.

You may have to reboot after that, but I do not think so.

Good luck


----- Original Message -----
From: Steven Nurse
To: [email protected]
Sent: Monday, April 29, 2002 7:59 AM
Subject: [FW-1] FW NG Gui Client Error.


Hi Guys,

            I'm currently running FW-1 NG no FP yet on a Windows NT 4.0
server.

            I always manage this server remotely without any issues.
However, a recent communication failure while managing this server has
resulted in the below error.

            "Connection cannot be establish.
            Another GUI Client is already connected to the Management
Server:
            'IP Address".

            However, I can logon locally without any issues.  I have done
several reboots all without success????

Any ideas???

Thanks in advance.

Steve.





**********************************************************************

This e-mail and any file transmitted with it are confidential and
intended solely for the use of the individual or entity to whom
they are addressed. If you received this e-mail in error, please
notify the email Administrator at [email protected].

This footnote also confirms that this message has been swept
to the best of our current abilities for the presence of computer
viruses. You should NOT take this as any guarantee or
warrant that such material is Virus free, and should apply Virus
detection techniques appropriate to your security requirements
BEFORE using any material attached to this message.

Occasionally electronic communications are monitored and stored
in secure databases by Australian Laboratory Services Pty Ltd IT
department to support operational and security activities. We respect
the privacy right of all individuals and are committed to comply at all
times
with the Privacy Amendment (Private Sector) Act 2000. Further information
can be obtained by viewing the ALS Privacy Policy by clicking
here http://www.campbell.com.au/CBL_Privacy_Policy.pdf

**********************************************************************

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: Re: [FW-1] Non-SYN problems with NG FP2 / Will CP support for Non-SYN in the future?
Next by Date: Re: [FW-1] Whats the deal with CCSE+
Previous by thread: Re: [FW-1] Non-SYN problems with NG FP2 / Will CP support for Non-SYN in the future?
Next by thread: Re: [FW-1] HTTP Security Server bug?
Index(es):
- Date
- Thread