[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] Re: [FW-1] Problems pushing policies on IP440 with NG AI
Hi, Yes, it is a new install. I initialised the SIC and it works fine. I can communicate with the IP440 through smartstatus, smartupdate,..In fact, the policy enforcement is working, but the box has so hard to enforce it that the connection times out. I can see that the box starts to push the policy. Sometimes it works, sometimes not. I will try to unload the policy before pushing it again according to your info. Maybe there is something with the filesystem and a reinstall of the ipso will help. Many thanks, Rudi --- [email protected] a écrit : > Is this a new install? If so, you will need to run > "fw unloadlocal" on the > firewall, and then push the policy. Also, make sure > that SIC trust is > established. Initialize SIC on the enforcement > point through "cpconfig", > and then initialize the other end through the GUI, > on the enforcement > object. Are FW1 connections implicitly allowed? If > not, you will need > rules for all of the required FW1 connections. > > -Aaron > > -----Original Message----- > From: Rudi Pierquin [mailto:[email protected]] > Sent: Thursday, September 11, 2003 11:34 AM > To: [email protected] > Subject: [FW-1] Problems pushing policies on IP440 > with NG AI > > > Hi all, > > I am trying to setup a VPN remote access gateway on > an IP440 box. I > installed IPSO 3.7 + NG AI packages. I activated the > policy server + SVN > foundation + FW-1/VPN-1 modules. My problem is that > when i try to push > policies from my Smartcenter (W2K running NG AI > aswell), it fails due to a > timeout. In fact, when i try to push the policies, > the NOKIA seems to have > a hard time trying to enforce them, with the disk > running like crazy doing > a lot of swaps. > > Does anybody have an idea of what could be the > problem ? > > Many thanks, > > Rudi > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= ___________________________________________________________ Do You Yahoo!? -- Une adresse @yahoo.fr gratuite et en français ! Yahoo! Mail : http://fr.mail.yahoo.com ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|