Thats the only item I have not done, regenerated the certificate - I could not remember whether that was necessary. Topology changes have been made, and checked, and checked !
Will do it now. On 07/10/05, Jon Still <[EMAIL PROTECTED]> wrote: > Neil Kemp wrote: > > > Both are Nokia Firewalls, and controlled by the management station at > > the central site. The remote sites IP address has changed, we have > > changed its IP on the firewall object, on the Nokia, and the hostname > > it resolved to, but now when you try and connect over the vpn, it says > > there is no valid SA, refer to sk19423 - > > Have you changed the topology settings on the firewall object as well as > the main address? Also, if you've changed the name have you regenerated > the firewall's certificate? The other gotcha I find when making a > change like that is to remember to push the policy to the remote > endpoint(s) of the VPN too otherwise it'll have no knowledge of the > firewall that has moved IP. > > Hope this helps! > Jon. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
