|
Here's the scenario (don't ask, I know it's not an optimum situation):
2 Firewalls running Version 4.1 SP5 on Solaris 7 1 Management server running NG FP1 management module on Solaris 7 NG FP1 GUI on Windows 2000 SP2
Policy/ruleset creation and installation - no problem. Logging - No problem. Cpstat_monitor - no problem.
Problem: It appears that SIC has failed *within* the management server. When I run Check Point System Status from the GUI workstation, the firewalls come up "Connected" and "OK", but the management server, management module and SVN foundation come up as Untrusted/Untrusted/Untrusted or Disconnected/Unknown/Unknown, even though I can still telnet to the management server, the firewalls can still log to it, and I can create/upload policies using the Windows GUI. In other words, everything appears to function normally, even though the management module appears to have crapped out. The Check Point Help menu defines Untrusted as "Secure Internal Communication failed. The workstation is connected, but the Management Server is not the master of the module installed on the workstation." The Check Point Secure Knowledge database only addresses this in terms of losing SIC between the management and firewall modules, not within the management server itself.
I used to occasionally get "Connected/OK/OK" on the management server, but not any more. Anybody have any ideas on this?
Thanks in advance,
Dan
Daniel R. (Dan) Dunn, EE, CISSP, CCSA/CCSE
|