| |
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] Secure Remote NG FP2 Session drops....
- To: [email protected]
- Subject: Re: [FW-1] Secure Remote NG FP2 Session drops....
- From: John Biel <[email protected]>
- Date: Fri, 16 Aug 2002 09:17:47 -0400
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- Thread-index: AcJEJ/t2+L3RzyfZTPqeODRjf7YM1AAAeTygAAshrHAAKzyYTAAIqgCg
- Thread-topic: Re: [FW-1] Secure Remote NG FP2 Session drops....
Well to update, I did get a patch yesterday finally. There are issues
with it.
The patch is a client patch, it's only good for Windows 2000 clients
using build 52057
Unfortunately my clients are WinXP and Win98 machines so it wasn't of
any use to me.
I tried it on a WinXP station and it didn't work, however the readme did
say that it was only for 2k, I don't know if it matters since that
client is the same one regardless.
So I'm still at a standstill. In a nutshell the reason I was going for
the patch instead of changing the ip address is the same issue that
Sebastien Risse has below
-----Original Message-----
From: Sébastien Risse [mailto:[email protected]]
Sent: Friday, August 16, 2002 5:25 AM
To: [email protected]
Subject: Re: [FW-1] Secure Remote NG FP2 Session drops....
Hi,
I've got exactly the same problem and i've not yet any solution. I tried
to change the internal IP address with the external but i obtained the
following error when i have installed the rules on the firewall :
Compiled OK.
Failed to find the local management station object
Failed to Download Security Policy on mercure. File exists Installing
Security Policy on mercure failed
According to me, it's normal because all the configuration of my
firewall was made on the internal IP address. So, i'm very interested by
the hotfix that Checkpoint will write.
Sébastien RISSE.
-----Original Message-----
From: Brendan Laws [mailto:[email protected]]
Sent: Friday, August 16, 2002 5:01 AM
To: [email protected]
Subject: Re: [FW-1] Secure Remote NG FP2 Session drops....
John,
thanks! would you be able to send me the patch once you get it - i
forsee i would go through the same issues to get it and you have a head
start!:)
cheers
Brendan
-----Original Message-----
From: John Biel [mailto:[email protected]]
Sent: Thu 15/08/2002 10:46 PM
To: [email protected]
Cc:
Subject: Re: [FW-1] Secure Remote NG FP2 Session drops....
I'm dealing with support on this issue right now. The most
likely reason
you're having this is that your firewall object has the private
address
set in "general properties" rather than the external address of
the
firewall. It likely happens when securemote renegotiates the
phase 1
key. One fix is to change the private address to the external
one.
(You can also see the problem if you put a sniffer on the
outside of the
firewall. You'll see that when the renegotiation occurs, the
firewall
will use it's private address as the source address instead of
the
external one.) If you can't for various reasons change the
private
address there is a hotfix that you can get from Checkpoint to
fix the
problem. However I'm having great difficulty in getting it.... I
started
attempting last Friday and still don't actually have it.
Checkpoint
support is pathetic, it took 2 days just to get them to admit
that they
make a fix for this problem, and now it's been another 2 days
since and
I still don't actually have it yet.
-----Original Message-----
From: Brendan Laws [mailto:[email protected]]
Sent: Thursday, August 15, 2002 3:06 AM
To: [email protected]
Subject: [FW-1] Secure Remote NG FP2 Session drops....
Hi,
I seem to be having an intermitant problem which results
in a
secure remote session being droped, I dont see anything bad in
the logs,
just all of a sudden the session drops, sometimes after 10
minutes,
sometimes 30.
In my playing with this a have kept a constat flow of
traffic to
keep alive the connection be it http & icmp
I am wondering if anyone else has had this problem and
if so how
did you fix it.
Thanks
Brendan
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================
|
|
