Thank you for the response Nathan. We can connect with the GUI client but only on the original IP addresses I assigned during the initial installation. I will try unloading the policy tomorrow - our firewall is at a colocation facility.
You comment on adding a FW rule surprised me, and perhaps I didn't fully understand your comments. I don't recall previously needing to add a FW rule for GUI clients to work, just granting access via cpconf. Did I miss something? Cheers, Darren -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Davis, Nathaniel Sent: Monday, July 26, 2004 5:16 AM To: [EMAIL PROTECTED] Subject: Re: [FW-1] SmartCenter Blocking on R55? Have you tried unloading your policy? Do a 'fw unload localhost' to unload your policy. From there you should be able to get your client to load. Once you client loads check your policies. Just because you may have it setup in cpconfig as a GUI client, you need to add a rule to allow you GUI client to communicate with your firewall. Is there a rule that allows communication from the gui client to the firewall? If there isn't add one. Hope this helps you. Nathan -----Original Message----- From: Darren Martz [mailto:[EMAIL PROTECTED] Sent: Thursday, July 22, 2004 2:43 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] SmartCenter Blocking on R55? I guess nobody has experience this problem before. -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED] On Behalf Of Darren Martz Sent: Wednesday, July 21, 2004 4:27 PM To: [EMAIL PROTECTED] Subject: Re: [FW-1] SmartCenter Blocking on R55? Thanks for the suggestion, and Yes, I have even tried to rebuild the list using cpconf but that didn't work either. I read somewhere that synchronizing the date helps, but that doesn't explain how I can use my laptop to connect with an IP assigned during the installation of the FW, but the same laptop on a new IP is blocked regardless of the cpconf settings. At the moment the cpconfig gui-client list is being completely ignored?!? rebooting does not help, reinstalling the policy does not help. > From: Chris Hoff <[EMAIL PROTECTED]> > Reply-To: Mailing list for discussion of Firewall-1 > <[EMAIL PROTECTED]> > Date: Wed, 21 Jul 2004 16:57:24 -0500 > To: <[EMAIL PROTECTED]> > Subject: Re: [FW-1] SmartCenter Blocking on R55? > > Have you tried using cpconfig at the CLI? I think I remember hearing > about an issue like this in an earlier version of SPLAT, and using > cpconfig took care of the problem. > > Regards, > > Chris > > -----Original Message----- > From: Mailing list for discussion of Firewall-1 > [mailto:[EMAIL PROTECTED] On Behalf Of > Darren Martz > Sent: Wednesday, July 21, 2004 2:10 PM > To: [EMAIL PROTECTED] > Subject: [FW-1] SmartCenter Blocking on R55? > > [NG AI R55 HFA 04 on SecurePlatform] > > On a new installation of R55, the smart-client addresses I configured > during installation are the ONLY addresses the server will allow. I > have changed the gui addresses in the WebUI, but the settings are > completely ignored. > > It just does not make any sense. > > I checked the /etc/fw/conf/gui_client.def file and it still states the > original settings, but /etc/fw/conf/gui-client shows the webui settings. > > Has anyone run into this problem before? How can I fix it? > > Also, I have installed the firewall a few times this week and in all > instances this situation has occurred - 100% reproducible on a new > install. > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
