Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Update 4.1 to NG

To: [email protected]
Subject: Re: [FW-1] Update 4.1 to NG
From: Bill <[email protected]>
Date: Fri, 23 Aug 2002 10:39:48 -0400
References: <OFEC7972EC.BE4AB5D2-ONC1256C1E.0036804A-C1256C1E.0037E080@rittal.de>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

NG uses Secure Internal Communications (SIC) to authenticate between
management servers and firewalls.

Do the following steps:

1) On Mgmt, Use Checkpoint Configuration to License management server.
2) On Mgmt, Use Policy Editor to create firewall object.
3) On Mgmt, Use SecureUpdate to attach license to firewall object.
4) On Firewall, use cpconfig to set auth key for SIC.
5) On Mgmt, Use Policy Editor to edit firewall obect.  At bottom you will
see SIC.  Set key establish trunst.

Cheers

----- Original Message -----
From: "Frank Mueller" <[email protected]>
To: <[email protected]>
Sent: Friday, August 23, 2002 6:10 AM
Subject: [FW-1] Update 4.1 to NG


> Hello List
>
> I'm trying to do an update from 4.1 to NG on some test machines.
> I've got a firewall machine running 4.1 on WinNT and a management server
> running NG FP1 on WinNT.
> I want to remotely update the firewall from the management server.
> CPutil is installed on both machines and opsec_putkey is installed on the
> management server.
>
> First I run "fw putkey" on both machines, works.
> Then I do "cpbconfig" on both machines which also works. I'm getting the
> message that the communication is established.
> After that, I execute "opsec_putkey -ssl -p <cprid key> -port 18208
> <firewall ip>". This also works and the keys are exchanged.
> When I now open the SecureUpdate GUI and try to fetch the workstation data
> from the firewall, I just get the message "There is no cprid connection
> between management and module. Reestablish Trust between management and
> module."
> Of course, the same message appears when I try to install software or
> attach some licenses to the module.
>
> I did these steps about 10 times now. I have no further idea what I can
> do.
> Anybody got some suggestions for me?
>
> TIA
>
> Frank
>
> =================================================
> To set vacation, Out Of Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

References:
- [FW-1] Update 4.1 to NG
  - From: Frank Mueller <[email protected]>

Prev by Date: Re: [FW-1] supported encryption algorithms in firewall-1 CP2000
Next by Date: Re: [FW-1] Destination Static NATting
Previous by thread: Re: [FW-1] Update 4.1 to NG
Next by thread: [FW-1] Recall: supported encryption in firewall-1
Index(es):
- Date
- Thread