RE: [FW1] fw upgrade problem from 3.0b to 4.0

Thu, 24 May 2001 00:03:19 -0700 


Have you tried checking the attributes of your gateways but using the fwui
GUI instead of fwpolicy; during the conversion from version 3.0 to 4.0,
sometimes bogus authentication schemes are placed in the gateway properties.
If so, you need to delete these for all gateways -that is, all
authentication schemes that you don't have a license for. Give it a try!
Regards.
alex.

-----Original Message-----
From: Rajesh [mailto:[EMAIL PROTECTED]]
Sent: 23 May 2001 02:04
To: [EMAIL PROTECTED]
Subject: [FW1] fw upgrade problem from 3.0b to 4.0



Hi,

I upgraded the firewall module from ver 3.0b to 4.0 (on sparc machine
running 
solaris 2.6). The management console is on a different machine (ver 4.0
running 
on sun sparc). After I upgraded I managed to install the policy from
management 
console once. When I tried to install the policy later it didn't work. I get
the 
following error message:

TODAY:
Compiled OK.

Installing Security Policy /var/opt/CKPfw/conf/TODAY.pf on all.all@foonix
Authentication for command load failed
Failed to Install Security Policy on foonix: Unauthorized action

I tried to do 'putkeys' and followed all the instructions given on phoneboy
web 
site. It didn't work at all. 

I tried 'as a last resort' solution given on phoneboy. I disabled putkey 
authentication entirely by editing control.map file on both firewall module
and 
management console. I used 'none' as the authentication system. It worked
fine. 

I can't really figure out why it works if I don't use any authentication
system 
and it doesn't work if I use authentication system.

Anyone had a similar problem. I need to solve this problem as soon as
possible. 
I don't want to disable the authentication system. 

Thanks,
Rajesh.



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to