|
|
|
|
|
|
|
|
 |
 |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] AW: [FW-1] CheckPoint 4.0 to NG
The problem with database inconsistency after changing groups or group member objects was definitely resolved by Check Point with FP2. We faced this failure many times at our FP1 management servers and now it is gone with the upgrade... -----Ursprüngliche Nachricht----- Von: Russell Washington [mailto:[email protected]] Gesendet: Montag, 13. Mai 2002 16:45 An: [email protected] Betreff: Re: [FW-1] CheckPoint 4.0 to NG Just did one of these for a client. The only problems encountered were: (1) User-defined service objects kept preventing policy upload because in NG you have to specify the protocol number for these. Easy enough to fix, just edit the services and specify the protocol number. TCP = 6, UDP = 17, GRE = 47, that should cover you in most cases. (2) Service objects that specified the same port (yeah, I know, client shouldn't be doing that) kept preventing policy upload. Solution is to hit the advanced properties of one of the "duplicates" and uncheck "Match to Any." Note that the above problems were *not* detected during policy validation. They just kept conking out the upload. Have also had some post-install issues indicating that the NG database doesn't like it when a member of a service group has its name changed. Doing so seems to cause any rules using the group to flame out with an "invalid object"-ish sounding message during policy validation. I fix it each time by removing and then re-adding an existing member of the tweaked group, doesn't seem to matter which one. Hopefully this issue goes away with FP2. Don't know. -----Original Message----- From: Perbix, Michael [mailto:[email protected]] Sent: Monday, May 13, 2002 6:48 AM To: [email protected] Subject: Re: [FW-1] CheckPoint 4.0 to NG Billy please pass this info on when you get it, I am about to do the same thing.... > ---------- > From: Billy Chan > Reply To: Mailing list for discussion of Firewall-1 > Sent: Monday, May 13, 2002 4:58 AM > To: [email protected] > Subject: [FW-1] CheckPoint 4.0 to NG > > Dear all, > > I'm using CheckPoint Firewall -1 4.0 on NT perform and no need for the > VPN feature. I'm now study if that we should upgrade from 4.0 to NG or > not. Who can tell me where I can't find the documents about the > different between 4.0 and NG and the problems that I will meet during > the migration. > > Thanks, > Billy > > ================================================= > To set vacation, Out Of Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > > ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|
||||||||||
 |
 |
 |
 |
 |
 |
 |
 |
 |
|
