Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Error: Peer sent wrong dn?

To: [email protected]
Subject: Re: [FW-1] Error: Peer sent wrong dn?
From: Yinal OZKAN <[email protected]>
Date: Fri, 4 Jul 2003 19:51:10 -0700
In-reply-to: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

Mr. Campisi,
I have a couple of recommendations:
1- Do not forget the $CPDIR folder.. I am not sure which CP article you are following but you
should have the keys on the new box..
2- Copy the CP registry which points your certs.. (HKLM/Software/Checkpoint on W2K)
3- As already recommended use import export utilities, which are take care of all steps
4- Keep in mind that W2K deletes the interfaces when not connected, so connect the new box to a
dummy hub when migrating.

fyi,
- yinal ozkan

--- "Campisi, Joseph" <[email protected]> wrote:
> Hi All,
>
>
>
> I currently have 2 modules running NG FP3 on win2k sp3, and management
> station running NG FP3 on winnt 4.0 sp6a.  I bought a new management
> server and I basically want to transfer from one to the other.
>
>
>
> I put NG FP3 and win2k sp3 on the new server.  I kept the same ip
> address and machine name so I don't have to worry about changing
> licensing, and I also copied the /conf directory over.  Then I
> disconnected the old server and connected the new one.  Under Smartview
> Status the modules are shown as untrusted.  So I try and reset the SIC
> on both management and module.  The trust gets initialized, but when I
> click on test SIC status I get the following error:
>
>
>
> "Sic status for (module) Not Communicating.  Peer send wrong dn: Try to
> reset SIC at the peer and re-establish trust with peer.:
>
>
>
> I'm more testing, it seems that the module never really releases the old
> SIC.  As a test I reset the SIC on the new management server and module
> with a different password.  When I re-connected the old management
> station, and did a test SIC status, everything came back ok!  If I reset
> the module with a different password, how is the old management station
> still communicating with it?
>
>
>
> Any ideas?
>
>
>
> Thanks,
>
> Joe Campisi
>
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================

References:
- [FW-1] Error: Peer sent wrong dn?
  - From: "Campisi, Joseph" <[email protected]>

Prev by Date: Re: [FW-1] HFA's
Next by Date: [FW-1] Strange smtp handling
Previous by thread: [FW-1] Error: Peer sent wrong dn?
Next by thread: [FW-1] Error: Peer sent wrong dn?
Index(es):
- Date
- Thread