If you issue the fw log -ftn on the command line interface of one of the 2 enforcement modules you'll most likely see that it's attempting to send logs to the internal address of the management station. A couple of well placed manual NAT rules and objects will solve the problem.
i.e. enforcement-module to management-station | enforcement-module to management-station-ext
maybe they'll help.On Unix Machines: fwd -d <Management Server IP>
On NT Machines: fw d -d <Management Server IP>
-Bob
Sol Reichstein wrote: I have a IP350 with NG FP2 and a Win 2000 management server with NG FP3. For some reason this module occasionally stops sending its logs to the management server. (my 3 other modules don't do this). Rebooting the firewall gets the logs going to the management server again but only for a short time. Is there a command to force the logs to start sending to the Management server again.
Thanks in advance, Sol.
-Bob
Lindqvist Per wrote:
Hi,
What to do if the management server has a private IP-address that's need to be NATed and want to manage enforcement modules at other sites over the Internet?
I'm facing such senario with NG FP3. With static NAT I get the SIC and SmartView Status to work, but I can't get policy installtions and logs to work correct.
By reading the "Whats New" for FP4, beta 1, I saw that there was a new function in the GUI (a box to check) allowing this to work. I tested it in a lab and it did work. Is there still a way to solve it in FP3?
TIA, Per Lindqvist
================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
-- Bob Scipioni <[EMAIL PROTECTED]> Vice President, Product Development Lucid Security Research & Product Development www.lucidsecurity.com
================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
