NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Error: Peer sent wrong dn?


  • To: [email protected]
  • Subject: Re: [FW-1] Error: Peer sent wrong dn?
  • From: Frank Darden <[email protected]>
  • Date: Thu, 3 Jul 2003 08:37:57 -0400
  • Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
  • Sender: Mailing list for discussion of Firewall-1 <[email protected]>
  • Thread-index: AcNBU0h0Jbi29UO4SSuowciOwmS3KwADIEwA
  • Thread-topic: [FW-1] Error: Peer sent wrong dn?

Your management stations internalCA is corrupted. You will need to
follow Check Points procedure for brutally resetting SIC in order to get
back up and running. Unfortunately the instructions are part of the
subscription based Check Point Knowledge base, so I cannot post them
here. If you search CP's site for brutally reset sic you will find your
answer.

Frank


-----Original Message-----
From: Campisi, Joseph [mailto:[email protected]]
Sent: Thursday, July 03, 2003 7:07 AM
To: [email protected]
Subject: [FW-1] Error: Peer sent wrong dn?

Hi All,



I currently have 2 modules running NG FP3 on win2k sp3, and management
station running NG FP3 on winnt 4.0 sp6a.  I bought a new management
server and I basically want to transfer from one to the other.



I put NG FP3 and win2k sp3 on the new server.  I kept the same ip
address and machine name so I don't have to worry about changing
licensing, and I also copied the /conf directory over.  Then I
disconnected the old server and connected the new one.  Under Smartview
Status the modules are shown as untrusted.  So I try and reset the SIC
on both management and module.  The trust gets initialized, but when I
click on test SIC status I get the following error:



"Sic status for (module) Not Communicating.  Peer send wrong dn: Try to
reset SIC at the peer and re-establish trust with peer.:



I'm more testing, it seems that the module never really releases the old
SIC.  As a test I reset the SIC on the new management server and module
with a different password.  When I re-connected the old management
station, and did a test SIC status, everything came back ok!  If I reset
the module with a different password, how is the old management station
still communicating with it?



Any ideas?



Thanks,

Joe Campisi


=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.