I will give this a try tomorrow morning . On 8/4/06, Andrej Skamen <[EMAIL PROTECTED]> wrote:
Is NOKIA box listening on port 18190? Try "netstat -an" and check status for TCP 18190. It should be LISTENING. If you peformed "FW unloadlocal" and you are still not able to connect, than this is not Security policy issue. Suggestions: 1. run "fw monitor" and recreate the problem. 2. check fw monitor output file for session behaviour 3. put fwm deamon in debug mode: # fw debug fwm on/off and recreate the problem 4. check $FWDIR/log/fwm.elg file 5. Install CP GUI on some other PC with different IP, modify gui clients on FW, issue fw unloadlocal and try from new gui machine Dirty steps: cleanup state directory 1. perform full backup of FW 2. issue cptop 3. manualy copy $FWDIR/state directory for backup 4. clean-up the content of $FWDIR/state directory 5. issue cpstart 6. check installed policy, If it is "Initial" , then issue fw unloadlocal again 7. try with cp gui 8. install the policy with "fw fetch" If something will go wrong, revert to backup. I hope that you will find something usefull. Andrej ________________________________ From: Mailing list for discussion of Firewall-1 on behalf of Yang Xiao Sent: pet 4.8.2006 3:10 To: [email protected] Subject: Re: [FW-1] Smartdashboard problems Also, the support folks made me try cpclean and I have reinstalled the smartdashboard as well. Still now luck. I'm realy running out of options here. On 8/3/06, Yang Xiao <[EMAIL PROTECTED]> wrote: > > I still can't connect even after fw unloadlocal, which leads me to think > this is not a policy issue, and the firewall works properly after I do a fw > fetch localhost, it loads the policy and everything works fine. > As for backups, sorry. I didn't realize the Voyager backup doesn't include > the /opt direcotry, darn. > > - Yang > > > On 8/3/06, Neil Kemp <[EMAIL PROTECTED]> wrote: > > > > Complete reinstall ? Checkpoint suggested that ? > > > > revert to backups ? > > > > > > whats the error you get with a policy install and on fwm unload local ? > > > > On 03/08/06, Yang Xiao < [EMAIL PROTECTED]> wrote: > > > > > > Hi all, > > > IPSO3.8 running R55 HFA_02. Stand alone. > > > We pushed out a previous policy from the database because we were > > > experiencing VPN client issues. Then we lost the connection to the > > Smart > > > Console all together, the policy is installed. everything is working > > fine > > > except we can't access the smart console server, fwm is running, added > > and > > > removed the GUI clients using cpconfig several times, still no luck, > > The > > > error message is make sure the server is running and the client is > > > configured to access the server. rebooted multiple times, also, tried > > to > > > connect after fw unlocallocal didn't work either. > > > > > > Checkpoint basically said something got corrupted during the last > > policy > > > install and they recommend a complete re-install. I'm trying to avoid > > > doing > > > this because I can't get it out of them what kind of impact this would > > > > > have > > > on Site-2-Site VPN tunnels and SecureClients. I also asked them if I > > > should > > > do a dbexport and import before and after the rebuild, they said they > > > don't > > > recommend it because I could be exporting something that's corrupted. > > This > > > means up to 4 hours for me to recreate every single object and policy! > > > > > > Any suggestions? > > > > > > Many thanks, > > > - Yang > > > > > > ================================================= > > > To set vacation, Out-Of-Office, or away messages, > > > send an email to [EMAIL PROTECTED] > > > in the BODY of the email add: > > > set fw-1-mailinglist nomail > > > ================================================= > > > To unsubscribe from this mailing list, > > > please see the instructions at > > > http://www.checkpoint.com/services/mailing.html > > > ================================================= > > > If you have any questions on how to change your > > > subscription options, email > > > [EMAIL PROTECTED] > > > ================================================= > > > > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
