Hi Gary, I haven't tried clearing the log directory out. Will give that a try and see what happens. As for the fw fetch, I have tried that a few times, and it works perfectly.
On Thu, 29 Jan 2009 19:52:19 -0800, "Gary Scott" <[email protected]> said: > Have you tried deleting or moving the entire contents of the log > directory on the SCS, do a cpstop before clearing the dir.? Does a fw > fetch work? > > -GS > > > > > ________________________________ > From: David Aitchison <[email protected]> > To: [email protected] > Sent: Thursday, January 29, 2009 10:35:48 PM > Subject: [FW-1] R60 VPN-1 module won't log to Smartcenter > > Hi everybody, > > I'm having a lot of trouble getting an R60 Secureplatform firewall to > log to an R60 Smartcenter server. Logging issues I'm sure are familiar > to all of us, but I've never come across one as persistent as this. > I've worked through all the usual SecureKnowledge documents, > reinitialized SIC, checked the masters file, hosts file, name > resolution, etc, etc, to no avail. > > Unlike previous logging issues I've worked through, there is actually a > 257/tcp connection being established to the Smartcenter. Name > resolution is therefore working. A full 3-way handshake occurs, there > are 10-15 packets passed to and fro (looks like a certificate exchange), > and then the module makes an orderly FIN/ACK disconnection from the > Smartcenter. This repeats every 15 seconds. Local logging on the > firewall module show the accepted FW1_log connections matching on > "Implied rule". > > I suspect a certificate validation problem, but every SIC check I've > performed has reported OK, and pushing policies from the SmartCenter > works fine, as does pulling the policy off the Smartcenter (`fw fetch > <Smartcenter_address>`). There's no control logs being generated on the > firewall module, and no unusual log entries in all the other .elg logs. > Wondering if there was something corrupt in local configuration, I > resorted today to rebuilding the firewall module from scratch, but still > have the same problem. > > Has anyone seen the same behavior in their own environment? > > Regards, > Dave Aitchison. > > Scanned by Check Point Total Security Gateway. > > Scanned by Check Point Total Security Gateway. > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= > > > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [email protected] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [email protected] > ================================================= Scanned by Check Point Total Security Gateway. Scanned by Check Point Total Security Gateway. ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
