[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] ip change / certificate change
Hi, I am runnning NG FP1 on Solaris 8 I changed the ip address of my fw-object from the inside address to the outside address. Now my SecuRemote Clients do not drop the connection after a while. But when i changed the ip to the external ip, the gui gave me a hint that i have now to create a new certificate. I was a little bit unsecure about the things which can happen and ignored the warning message. On the operation of the FW as Gateway and SecuRemote Server everything is ok. Now i want to setup a vpn between my checkpoint and Linux FreeSwan. The Connection fails on the certificate change (i dont want to use preshared secrets) I exported my Root-CA Certificate (the one before I changed the ip-address from internal to external-IP of fw-object) and gave it to the FreeSwan admin. Then i made a new CA for the FreeSwan Side and exported his CA. Now my questions: 1. Is it dangerous to delete my old Root-CA Certificate and to create a new one. (I can only create an additional certificate with my internal_root-ca when there is not already one existing on my root-ca ? 2. Has the new certificate any influence on my guy client (I use password) or my SecuRemote Clients or on the global operation of my firewall ? Thanks - Helmar ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|