NETWORK PRESENCE ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT
 


Search
display results
words begin  exact words  any words part 

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Problems pushing policies on IP440 with NG AI



Hi,

Yes, it is a new install. I initialised the SIC and it
works fine. I can communicate with the IP440 through
smartstatus, smartupdate,..In fact, the policy
enforcement is working, but the box has so hard to
enforce it that the connection times out. I can see
that the box starts to push the policy. Sometimes it
works, sometimes not. I will try to unload the policy
before pushing it again according to your info. Maybe
there is something with the filesystem and a reinstall
of the ipso will help.

Many thanks,

Rudi

 --- [email protected] a écrit : > Is
this a new install?  If so, you will need to run
> "fw unloadlocal" on the
> firewall, and then push the policy.  Also, make sure
> that SIC trust is
> established.  Initialize SIC on the enforcement
> point through "cpconfig",
> and then initialize the other end through the GUI,
> on the enforcement
> object.  Are FW1 connections implicitly allowed?  If
> not, you will need
> rules for all of the required FW1 connections.
>
> -Aaron
>
> -----Original Message-----
> From: Rudi Pierquin [mailto:[email protected]]
> Sent: Thursday, September 11, 2003 11:34 AM
> To: [email protected]
> Subject: [FW-1] Problems pushing policies on IP440
> with NG AI
>
>
> Hi all,
>
> I am trying to setup a VPN remote access gateway on
> an IP440 box. I
> installed IPSO 3.7 + NG AI packages. I activated the
> policy server + SVN
> foundation + FW-1/VPN-1 modules. My problem is that
> when i try to push
> policies from my Smartcenter (W2K running NG AI
> aswell), it fails due to a
> timeout. In fact, when i try to push the policies,
> the NOKIA seems to have
> a hard time trying to enforce them, with the disk
> running like crazy doing
> a lot of swaps.
>
> Does anybody have an idea of what could be the
> problem ?
>
> Many thanks,
>
> Rudi
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================
>
> =================================================
> To set vacation, Out-Of-Office, or away messages,
> send an email to [email protected]
> in the BODY of the email add:
> set fw-1-mailinglist nomail
> =================================================
> To unsubscribe from this mailing list,
> please see the instructions at
> http://www.checkpoint.com/services/mailing.html
> =================================================
> If you have any questions on how to change your
> subscription options, email
> [email protected]
> =================================================

___________________________________________________________
Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français !
Yahoo! Mail : http://fr.mail.yahoo.com

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [email protected]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[email protected]
=================================================



 
----------------------------------

ABOUT SERVICES PRODUCTS TRAINING CONTACT US SEARCH SUPPORT SITE MAP LEGAL
   All contents © 2004 Network Presence, LLC. All rights reserved.