[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] SecuRemote and cluster

To: [email protected]
Subject: Re: [FW-1] SecuRemote and cluster
From: "Messier, Michel" <[email protected]>
Date: Tue, 15 Oct 2002 09:05:28 -0400
Reply-To: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Hey Listers,

I've been meaning to send something on this for a while now... We had
problems establishing VPN with a Nokia cluster. We were upgrading from 4.1
to FP2, had both 4.1 and fp2 SR clients. Took a while but finally got past
1st level support at Checkpoint. The engineer that picked up the ticket
simply sent me an update to a dll file (libOS.so.1.1), the problem was known
for somebody with more than 4 interfaces (we have 2 quad cards). So I hope
this will help you tomas and sorry to listers for the delay on letting you
know.

Michel

-----Message d'origine-----
De : [email protected] [mailto:[email protected]]
Envoy� : 15 octobre, 2002 06:38
� : [email protected]
Objet : [FW-1] SecuRemote and cluster


Hi all listmembers

I'm having trouble getting SR to work towards a network behind two clustered
FW-1's on Nokia. I recently upgraded the management station to NG, but the
same thing still happens.

In the logs, it seems like SR is trying to send IKE packets to the internal
leg on the firewall. For some reason, the firewall won't answer (used
tcpdump on the nokia box) on the IKE packets from the SR client. And i can't
see any errors in the logs. SR answers with "communication with site  has
failed". Updating topology goes fine.

Is there any special considerations getting SR to work towards clusters? The
same coniguration works against non-clustered enviroments..

Any suggestions?

-tomas-

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

Prev by Date: Re: [FW-1] HTTP Tunnelling
Next by Date: Re: [FW-1] RSA Ace/server 5.0 replication
Prev by thread: Re: [FW-1] SecuRemote and cluster
Next by thread: [FW-1] secure remote authentication
Index(es):
- Date
- Thread