
[FW-1] RE : [FW-1] telnet problem between cluster members


  • To: [email protected]
  • Subject: [FW-1] RE : [FW-1] telnet problem between cluster members
  • From: LEYMARIE Gerard <[email protected]>
  • Date: Fri, 1 Aug 2003 08:14:07 +0200
  • Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
  • Sender: Mailing list for discussion of Firewall-1 <[email protected]>
  • Thread-index: AcNX8KD++HstTsPiEdewowACpfCg4wAAyufg
  • Thread-topic: [FW-1] telnet problem between cluster members

If you have a NOKIA box:

Try to install at least HFA-309 (mgt and modules), verify with guidbedit that HANew=1 in your cluster object, and apply the IPSO resolution regarding cpstart modification, since you're not using loadsharing.


-----Original Message-----
From: Wen Guangcheng [mailto:[email protected]]
Sent: Friday, 1 August 2003 07:33
To: [email protected]
Subject: Re: [FW-1] telnet problem between cluster members

Hello Jean-Francois,
Thanks a lot, and sorry for my reply being so late due to my vacation.

> So, you've defined a gateway cluster with two members (fw1 & fw2). You
> also defined the topology of the cluster (remember NOT to declare there
> the net you want for sync).

In the topology tab of the cluster I do not declare anything at all.

> If you don't have a product like cluster XL or VRRP (it may run under
> linux), it's not possible to expose a "virtual" IP. So I wonder how you do
> it.

I intend to use a third-party HA product.

> Anyway, in "tracker", which fw reports the spoofing ? Which source IP
> ? Which destination IP ?

For instance, #cpstop in fw2.
When telnet from fw1 to fw2, the dropped Record Details are as follows:
Origin:  fw1
Type:   Alert
Action: Drop
Service:   telnet
Source:   fw1
Destination: fw2
Protocol:     tcp
Rule:
Source Port: 43011
Information: message_info: cluster member IP is being spoofed.
Policy Info:   Policy Name: Standard

When telnet from fw2 to fw1, the dropped Record Details are as follows:
Origin:  fw1
Type:   Alert
Action: Drop
Service:   telnet
Source:   fw2
Destination: fw1
Protocol:     tcp
Rule:
Source Port: 35851
Information: message_info: cluster member IP is being spoofed.
Policy Info:   Policy Name: Standard

Thanks for your consideration.

Regards,

--Wen

> On Fri, 25 Jul 2003, Wen Guangcheng wrote:
>
> > Hi reinhard,
> > Thanks a lot.
> > > does it work if you cpstop both firewalls?
> >
> > Yes. I am sure.
> >
> > > do you use nokia clustering or
> > > VRRP?
> >
> > No.
> > I have tried it on Solaris8 and also Linux.
> >
> > > do you see any drop in your fw1 logs?
> >
> > Yes. The message_info is cluster member IP is being spoofed.
> > BTW, ping between the cluster members is OK.
> >
> > Regards,
> >
> > --Wen
> >
> > > At 15:34 25.07.2003 +0900, you wrote:
> > > >Hello Gurus,
> > > > >I have set up two cluster members (NG FP3(HF2)) and a
> > > > >SmartCenter server without checking Cluster XL in the
> > > > >tab of Gateway Cluster Properties. telnet between the
> > > > >two cluster members is OK. But after #cpstop on one of
> > > > >the cluster members, telnet between the cluster members does
> > > > >not work, while it is OK between a cluster member and
> > > > >another host. It seems this does not happen in FP2/FP1.
> > > > >Why does it happen? And how to make telnet still work
> > > > >between the cluster members even after #cpstop on one
> > > > >of the cluster members? Thanks in advance.
> > > >
> > > >Best regards,
> > > >
> > > >--Wen
> > > >
> > > >=================================================
> > > >To set vacation, Out-Of-Office, or away messages,
> > > >send an email to [email protected]
> > > >in the BODY of the email add:
> > > >set fw-1-mailinglist nomail
> > > >=================================================
> > > >To unsubscribe from this mailing list,
> > > >please see the instructions at
> > > >http://www.checkpoint.com/services/mailing.html
> > > >=================================================
> > > >If you have any questions on how to change your
> > > >subscription options, email
> > > >[email protected]
> > > >=================================================
> > >
> > > --
> > > Reinhard Stich,   ASSIST    [email protected]
> > > Internet Security AG, 1190 Wien, Nussdorfer Laende 29-33
> > > Tel: +43 1 370 94 40  RS784-RIPE Fax: +43 1 370 94 40-10
> > >
> > >
> >
> >
>
> --
> Jean-Francois Gobin - Administrateur gobinjf.be
> http://www.gobinjf.be   mailto:[email protected]
>
>
>




 
   All contents © 2004 Network Presence, LLC. All rights reserved.