NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] NG FP1, 4.1 SP3 enforcement modules unable to log to NG FP1 CLM



Hi,

Edit the FW obj if the logserver are CLM and some other then
remove this some other logserver.

For 4.1 did u do fw putkey with firewall? If not then please do
that. In 4.1 you have to have loggers file in which CLM IP should
be mention.

Ramesh


On Thu, 22 Aug 2002 Utsav Ratti wrote :
Today, I rebuilt a 4.1 SP3 CLM as an NG FP1 CLM (not an upgrade,
but
complete wipe of the server with the Compaq Check Point
SolutionPaq 2.0
image). After I defined the CLM as an object in the Policy Editor
and
set up SIC, the Log Viewer is able to connect to the CLM, but it
is not
receiving traffic from either the NG modules or the 4.1 modules
(backward compatibility was installed).

In the case of the NG FP1 modules, I specified the CLM in the
Log
Servers section of Workstation Properties in the Policy Editor. I
also
specified our EMC as the failover host; all logging traffic is
arriving
at the failover host.

The 4.1 SP3 modules are also unable to log to the CLM. I've tried
all
the suggestions offered here >>
http://www.phoneboy.com/faq/0038.html,
but am still unable to receive logs. Instead, I continue to see
the
following in $FWDIR/log/fwd.elg when I do an fwstop;fwstart:

   fwd: FireWall-1 daemon going to die on sig  15
   fwd: Wed Aug 21 22:28:54 2002

   fwd: FireWall-1 server is running
   fwd: Connection to Log server a.b.c.d failed
   fwd: Connection to Log server a.b.c.d failed
   <snip>

Incidentally, a tcpdump I did on the CLM's interface showed
communication between it and the various firewalls, further
evidence
that the devices can see each other.

Any help would be much appreciated.

Utsav

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.