|
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW-1] Problem in setup NG FP3 on Solaris
- To: [email protected]
- Subject: Re: [FW-1] Problem in setup NG FP3 on Solaris
- From: nicolas figaro <[email protected]>
- Date: Tue, 18 Feb 2003 18:22:02 +0100
- References: <[email protected]>
- Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
- Sender: Mailing list for discussion of Firewall-1 <[email protected]>
- User-agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; fr-FR; rv:1.0.2) Gecko/20021120 Netscape/7.01
Ruiyuan Jiang a écrit:
Problem in setup NG FP3 on Solaris
Hi, all
I am in the process to test setup NG FP3
on Solaris 9 with distributed environment which seperates firewall module
and management server (both Solaris 9). I am thinking to allow these systems
only use local hosts file to resolve themselves instead of DNS, etc. I installed
SVN foundation first and then immediately installed firewall software on
these systems. For one system I chose the option "management server" and
the other one system with option "firewall module" in "cpconfig". When I
launch GUI client software and tried to connect to the firewall module, I
got a message "initilized but not trusted" in the communication section of
the Check Point module of GUI client even when I unloaded security policy
on the firewall module. I can't communicate with the firewall module host
in and out (it seemed that the network cable is unplugged from network on
the firewall module host). If I delete the Check Point software from the
firewall module host so it became a regular UNIX host, I can ping, telnet,
ftp, etc. in and out the firewall module host (it seems that I plugged network
cable on the firewall module host). Does anyone see this problem before?
Thanks in advance.
Ryan Jiang
After the cpconfig, you have to declare your firewall module on the GUI,
and set the one-time password for
SIC dialog. (the management will send a certificate to the module, crypted
with a password).
You can test the SIC status on the management console.
The module won't accept rules unless the SIC status is OK.
This replaces the putkey that was used on older version (3.0, 4.0, 4.1).
Nicolas Figaro
|
|