[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Problems pushing policies on IP440 with NG AI
Is this a new install? If so, you will need to run "fw unloadlocal" on the firewall, and then push the policy. Also, make sure that SIC trust is established. Initialize SIC on the enforcement point through "cpconfig", and then initialize the other end through the GUI, on the enforcement object. Are FW1 connections implicitly allowed? If not, you will need rules for all of the required FW1 connections. -Aaron -----Original Message----- From: Rudi Pierquin [mailto:[email protected]] Sent: Thursday, September 11, 2003 11:34 AM To: [email protected] Subject: [FW-1] Problems pushing policies on IP440 with NG AI Hi all, I am trying to setup a VPN remote access gateway on an IP440 box. I installed IPSO 3.7 + NG AI packages. I activated the policy server + SVN foundation + FW-1/VPN-1 modules. My problem is that when i try to push policies from my Smartcenter (W2K running NG AI aswell), it fails due to a timeout. In fact, when i try to push the policies, the NOKIA seems to have a hard time trying to enforce them, with the disk running like crazy doing a lot of swaps. Does anybody have an idea of what could be the problem ? Many thanks, Rudi ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|