Hello all,
I am setting up a new R55 single gateway system on a Sun Fire V210
running solaris 9. It is a new machine, I am using the most recent 9 sun
alert patch cluster on a solaris9 0803 core install. After the core I
install Disksuite and the minimal needed packages for install (libC,
libCx, ter, admc and admfw).
My first issue was the UnixInstallScript failed with with write errors,
I worked around that using
http://www.phoneboy.com/bin/view.pl/FAQs/SolarisInstallAndUpgradeIssueWorkaround
After creating the instal user the script install works.
But:
When I run cpconfig after installation to configure the product I choose
to configure the install as a "Smartcenter Express and VPN-1 Express
Gateway", (so both module and mangement on the same hardware, what used
to be called a single gateway installation).
At the stage
Generating default filter
I get a segmentation fault which I believe is normal, after that the
config stops with the following error:
cp: cannot access /opt/CPfw1-R55/state/default.bin
Cannot copy default filter to /etc/fw.boot
cpconfig: Configuration aborted.
It turns out the state directory is empty. I have tried re-applying HFA
15, downloaded another R55 wrapper from checkpoint, but I still got this
error.
Once I tried to work around it by using the filterfile from another
HFA15 installation (also on a V210) but then at the boot-security-phase
I get BGE errors:
FW-1: Autopushing over bge
ap: ioctl failed: Out of stream resources
FW-1: bge autopush failed: resetting...
followed by a help text from the autopush (1M) command and a statement
that bge0 is not found in table.
I found references to issues with Sun V210 (or 240) Bge interfaces and
R55 with older HFA's (04 and earlier) but these have been fixed now.
I have tried using the same installation files as on the other V210's (a
HFA 11 wrapper with separate HFA15), tried HFA17 but all fail the
sameway. My other V210's are running fine on solaris9 /R55-HFA11 and 15;
only with earlier patch clusters. I tried to find differences in patch
levels of the bge drivers but these are the same (112233-12) on all
machines.
Unfortunately Secure Knowledge doesn't work (500 Internal server
errors), and the bge fixes on google and phoneboy don't work.
I hope anyone can give me some pointers as to how to fix ths issue. As
usual I'm under time pressure so any hint would be greatly appreciated.
thanks!
Wilco
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
