I had a similar problem upgrading a Nokia to NG. It turned out I had NG HF2 on my enterprise manager/central Sun node, and didn't have HF2 on the Nokia and the VPNs are incompatible. Installing HF2 everywhere solved the problem. YMMV
-- Jon Allingham Director, IVT Leapstone Systems -----Original Message----- From: Nico De Ranter [mailto:[EMAIL PROTECTED] Sent: Wednesday, December 17, 2003 3:27 PM To: [EMAIL PROTECTED] Subject: [FW-1] upgrade FP1 to FP3 kills VPNs Hi, we have a number of VPNs set up between 4 Suns (running FP1 or FP3) and 1 Nokia (running FP1). VPNs are setup using 'traditional' mode all encryption parameters are the same on every firewall. The Suns are managed from 1 location, the Nokia is managed separately. We are trying to upgrade the Nokia to FP3. After the upgrade the VPN to 1 of the Suns is ok, but the the VPNs to the other Suns stay dead. Tried reloading the policies, tried rebooting a Sun, tried allowing all traffic between the Suns and the Nokia. Nothing seems to work. I can't find any difference in configuration for that 1 Sun that keeps on working either. Anybody seen this before? Any ideas what might be the problem (or where to look for clues, the logs are not showing anything) Thanks in advance, Nico --------------------------------------------------------- "It has been said that there are only two businesses that refer to customers as users: illegal drug trade and the computer industry." --------------------------------------------------------- Nico De Ranter Senior System Administrator Sony Service Center (NSCE/VPE-B) The Corporate Village, Da Vincilaan 7-D1 B-1935 Zaventem, Belgium Telephone: +32 (0)2 706 43 11 Fax: +32 (0)2 700 86 22 ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
