[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Unable to save policy - NG FP2

To: [email protected]
Subject: Re: [FW-1] Unable to save policy - NG FP2
From: Paul McAtasney <[email protected]>
Date: Thu, 21 Nov 2002 18:12:45 -0000
Importance: Normal
In-Reply-To: <[email protected]>
Reply-To: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Further info.

The firewall was happily running for several weeks without a problem, while
we were migrating from one ISP to another. The problem appeared to manifest
itself after we routed all our Internet traffic to the new ISP - therefore
it would appear to be load based. Initially I thought it was to do with the
amount of logging and have switched most of it off, without any joy. The
kernel patch is 108528-16, I've logged a call with Sun in case it could be
an OS problem.

I have also seen the error message you describe when I try to modify the
firewall object.

Our machine is an Ultra 10, 256Meg, 1 hme interface and 2 Sun Quad Ethernet
cards (5 ports in use). Stopping the firewall and restarting doesn't
resolve.

Regards Paul.

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of Russ
Aspinwall
Sent: 21 November 2002 16:23
To: [email protected]
Subject: Re: [FW-1] Unable to save policy - NG FP2

I have the exact same problem with NG FP3 under Solaris 8,I have been
working with our support provider, who has in turn put a ticket in with
Checkpoint about this problem.

I tried downing and re-upping the loopback after I read your message and it
temporarily solved my problems as well (it breaks again after 15 - 45
minutes).

Have you tried to modify your firewall object when it is in this state? I
get the following when I do so:
Unable to contact Certificate Authority on the Management Station.
Please make sure the Certificate Authority daemon is running.

It acts like a CA problem, but we have done a sic_reset and recreated the CA
numerous times to no avail.

If I can provide any other info to assist in getting this solved I would be
happy to!

Thanks,

Russ

***************************************************
Russ Aspinwall, A+, Network+, I-Net+, CIW Associate
Network Administrator
Kalamazoo College

phone:fax:e-mail: [email protected]

---
"Nerd is so negative; I prefer digitally enabled."
***************************************************

-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of Paul
McAtasney
Sent: Thursday, November 21, 2002 9:59 AM
To: [email protected]
Subject: [FW-1] Unable to save policy - NG FP2


Hi,

Occasionally, my firewall (NG FP2 running on Solaris 8) won't allow me to
make any changes. When I try to save, the following message appears

"The changes could not be saved. Please make sure the Firewall1 services are
up and running. For more information use the Status Manager application."

The status manager shows all services are running fine and there doesn't
appear to be anything untoward with the Unix box. The problem is resolved by
a reboot, but can reoccur hours or days later. I subsequently noticed that
when this problem is happening, I am unable to ping localhost (although
ifconfig -a reports it as being UP and RUNNING). Bringing the lo0 interface
down and up again will resolve the firewall problem (until it happens
again).

Can anyone offer me an insight into a possible cause?

Regards Paul.

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out Of Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

References:
- Re: [FW-1] Unable to save policy - NG FP2
  - From: Russ Aspinwall <[email protected]>

Prev by Date: Re: [FW-1] How to use SENDMAIL ??
Next by Date: [FW-1] SecuRemote on FW4.1
Prev by thread: Re: [FW-1] Unable to save policy - NG FP2
Next by thread: Re: [FW-1] Unable to save policy - NG FP2
Index(es):
- Date
- Thread