[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] AW: fw sam error
How do you know a computer guy (person)? They are the ones with the palm prints on their foreheads. [smack] Do'h! I read that. The docs say that you need it. I thought about installing it, real loudly too. I have not done that yet. I will let you know if that does the trick. Thanks! Mick -----Original Message----- From: Samuel Wuethrich [mailto:[email protected]] Sent: Monday, February 24, 2003 2:18 PM To: [email protected] Subject: [FW-1] AW: fw sam error Did you have the 4.1 backward compatibility module installed, did you? A collegue of mine has had troubles getting SAM message originating from the RS Sensor into NG. After BC was installed, it has worked. SAM -----UrsprÃngliche Nachricht----- Von: Mick Toothaker [mailto:[email protected]] Gesendet: Mo 24/02/2003 18:21 An: [email protected] Cc: Betreff: Re: [FW-1] fw sam error Hello Manuel, I appreciate your assistance. I upgraded to HF-1 on both the management and on the enforcement modules. I have reset SIC and I have set, set and reset the putkey process (even messing it up to see the error/failure messages) and tried the syntax from the manual and from you, all with the same results as before. From the management station I get: sam: Unexpected end of session. It is possible that the SAM request for 'Inhibit Drop Close src ip <IP addresses> on All' was not enforced. From the enforcement point I get: sam: Server entity initialized failed. The SAM request was not performed. Yes, I am working on getting the OPSEC messages from Real Secure to enable SAM (suspicious activity messages) functionality, but if the process does not work manually, I can't expect it to work programmatically. And, no, the RS > OPSEC > FW SAM is not working either. I have put a sniffer on the wires, and the SAM messages are going between the RS network sensor and the management module. No corresponding traffic is going between the management module and the firewall enforcement point. Pointing the RS messages (changing the putkey, etc.) directly to the firewall enforcement point does not make it work either. Fw sam is just not doing anything on my firewall. I have maintenance and support from both ISS and Check Point, so I will be calling them next; probably CP first. I just wanted to do everything I could without calling them. Support from any vendor goes through the basics first (is it plugged in? is it turned on?), and I wanted to be able to say I had done all that. Thanks again... Mick N jê9è~' k)Æ z æÖzf !$ì elç!yî))rì^ êØayêVvÇ fj)b b N ry bæf)+-îW zì^{--ä jìm $î&ìÇ' Xä fÂZÆØ'æ-Zâ *mÈÇj)_Z0 ^rJhé {\ ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|