Sergio Alvarez a écrit :
Well, with a corrupted certificate authority not only VPN stuff fails, SIC
fails as well because it works with cetificates generated by that CA.
To be honest I have no idea how you managed to avoid SIC issues, the CA gets
initialized with the hostname of the machine, and when you import a config
on a machine with a different hostname, the CA is not valid precisely
because the hostname does not match and gets immediately corrupted, at least
that's what I had understand.
this is a case if you install the smartcenter, then import the config.
but if you directly install with the exported config, you directly reuse
the same CA.
(as far as I understood).
Basically when it happened to me, I got no "poping" error messages at all,
it was just that sic would not work even reseting activation keys on the
firewall modules and the corresponding objects in the Dashboard. I don't
remember the exact error I got when testing sic and failing, but the only
solution was reseting the CA. I did it that way the first time, but it was
such a pain, that next time it happened, I just rebooted with the SPLAT disk
and started all over making sure the hostname was right this time, it was
faster that way.
I guess you should ask Check Point support about this, as my experience
seems no to be rule about this.
I already did.
thanks for the infos.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
[EMAIL PROTECTED]
=================================================
