[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] NG FP3 SIC Question
On your rulebase for the site with the primary management module you need a
rule permitting control connections to both the internal and external (NAT)
addresses of the management server; on the remote firewall you need to
specify both addresses as Masters.
Julian
|---------+---------------------------------------------->
| | "Nathan Jardine (IT Services)" |
| | <[email protected]> |
| | Sent by: Mailing list for |
| | discussion of Firewall-1 |
| | <[email protected]|
| | kpoint.com> |
| | |
| | |
| | 22/10/2002 10:16 |
| | Please respond to Mailing list for |
| | discussion of Firewall-1 |
| | |
|---------+---------------------------------------------->
>----------------------------------------------------------------------------------------------|
| |
| To: [email protected] |
| cc: |
| Subject: [FW-1] NG FP3 SIC Question |
>----------------------------------------------------------------------------------------------|
I am trying to control a remote module in NG FP3 from my primary management
module. The problem is the management server has an internal IP and when
it communicates to the remote module it gets translated to a valid. I
initially establish the SIC with no problems but when I go to install the
policy it does not confirm. Now I know for a fact that the policy is
getting partly installed because the rulebase takes affect but I don't get
a confirmation so the installation fails. After this SIC will generally
fail and if I look in the log viewer I can see some unestablished packets
in the logs.
Is there a way I can make this configuration work? Can a remote module be
controlled from a natted management station.
Any help or ideas would be greatly appreciated.
________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet.
**********************************************************************
Zenith Insurance Management Limited Registered No. 3805632
Registered @ Zenith House, Market Place, Haywards Heath,
West Sus, RH16 1DB.
NOTICE:
This email and any files transmitted with it are confidential and
intended solely for the use of the individual or entity to whom they
are addressed. If you have received this email in error please notify
the [email protected] and delete the message
and any attachments accompanying it immediately.
**********************************************************************
________________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet.
=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================