Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[FW-1] Need help re-establishing SIC

To: [email protected]
Subject: [FW-1] Need help re-establishing SIC
From: Layne Meier <[email protected]>
Date: Fri, 31 May 2002 10:02:44 -0400
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

We are changing our ISP.  They have assigned us a Class C Subnet that we
had our FireWall Management server assigned to.  We have a total of 4
FireWall-1 Enforcement Modules.  2 of these enforcement modules are
connected to the same switch as our management server.  These have
retained their SIC.  However, we have 2 enforcement modules at a remote
site that we can no longer establish a SIC with.

I have ran cpconfig on the backup enforcement module (might as well
leave the primary up and running as it is protecting an important
website) and establish communication between the backup and the
management server, then fail over to the secondary and establish SIC
with the primay.  However, I am unable to establish the SIC with the
secondary server.

On the management server I reset the Communication and get an
"Initialized but trust not established" message.  CheckPoint manual
states to re-select the Initialize button to establish the trust but all
I get is an error message that states "Failed to connect to the
module."  Routing works because I can still ssh to the secondary server.

When I ran cpconfig and reset the password, and exited cpconfig on the
secondary server, the software wanted to stop and restart FireWall-1.
When it did, it's still trying to pull the ruleset from the old IP
Address of the management server.

If I try to do an fw unload -all command on the secondary server, I get
a message that says "Failed to open file 'sys.conf': No such file or
directory".  Should I run an fw stop?  If I do will I still be able to
perform an SIC?

Thanks,
Layne Meier
Atlanta Newspapers, Inc.

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: Re: [FW-1] Scheduled fw logswitch no workie-- any ideas? :)
Next by Date: Re: [FW-1] Installing NG on 2000 server
Previous by thread: [FW-1] Redundant Management Options
Next by thread: [FW-1] Test
Index(es):
- Date
- Thread