I had a problem earlier this month see end...
I appears that I am still getting the End Sync Got Sync problem.
Out network went down when the problem started.
I have left the one node down sice then for testing.
After redoing putkeys @ May 2001 then the problem did do appear until now 24
May 2001
How does one prevent this? I am aware of the putkey authenication problems.
What can you suggest?
Any ideas?
Eric Appelboom
South Africa
fwd: Sync Server 192.168.0.1 went down
fwd: Connected to Sync Server 192.168.0.1
fwd: Sync Server 192.168.0.1 went down
fwd: Connected to Sync Server 192.168.0.1
fwd: Resyncing 1 firewall.
fwd: End Sync Connection from 192.168.0.1
fwd: Got Sync Connection from 192.168.0.1
fwd: Resyncing 1 firewall.
fwd: End Sync Connection from 192.168.0.1
fwd: Got Sync Connection from 192.168.0.1
fwd: Log Server 192.168.0.3 went down
fwd: FW: Received new control security key from 192.168.0.3
fwd: logsys_add_connection_packet_e: recursive call, return <--last 3 weeks
it has not changed
fwd: logsys_add_connection_packet_e: recursive call, return < today so far
fwd: logsys_add_connection_packet_e: recursive call, return
fwd: logsys_add_connection_packet_e: recursive call, return
fwd: logsys_add_connection_packet_e: recursive call, return
fwd: logsys_add_connection_packet_e: recursive call, return
fwd: End Sync Connection from 192.168.0.1
fwd: logsys_add_connection_packet_e: recursive call, return
fwd: Got Sync Connection from 192.168.0.1
fwd: End Sync Connection from 192.168.0.1
fwd: logsys_add_connection_packet_e: recursive call, return
fwd: logsys_add_connection_packet_e: recursive call, return
fwd: Got Sync Connection from 192.168.0.1
fwd: End Sync Connection from 192.168.0.1
fwd: logsys_add_connection_packet_e: recursive call, return
fwd: Got Sync Connection from 192.168.0.1
have now redone putkeys....
Any help will be appreciated
Eric
****************************************************************************
*************
OLD POST
Hi, I had a problem where one of out stone beat fw-1 nodes took down our
network.
It appeared that the transfer of the connection state table information was
not occuring between the private interfaces.
I redid the putkeys and the errors stopped in fwd.elg(log below)
Has anybody ever experienced this? Does one need to do putkeys between the 2
firewall nodes or just
fw's modules <--> managemnet server?
How does one prevent this? I am aware of the putkey authenication problems
and that checkpoint is adressing them.
The cluster has worked fine for many months.
Thanx
Eric Appelboom
South Africa
fwd: Connected to Sync Server 192.168.0.1
fwd: fwd : starting old sync client
fwd: Got Sync Connection from 192.168.0.1
fwd: Resyncing 1 firewall.
fwd: End Sync Connection from 192.168.0.1
fwd: Got Sync Connection from 192.168.0.1
fwd: Sync Server 192.168.0.1 went down
fwd: Connected to Sync Server 192.168.0.1
fwd: Sync Server 192.168.0.1 went down
fwd: Connected to Sync Server 192.168.0.1
fwd: Sync Server 192.168.0.1 went down
fwd: Connected to Sync Server 192.168.0.1
fwd: Resyncing 1 firewall.
fwd: End Sync Connection from 192.168.0.1
fwd: Got Sync Connection from 192.168.0.1
fwd: Resyncing 1 firewall.
fwd: End Sync Connection from 192.168.0.1
fwd: Got Sync Connection from 192.168.0.1
fwd: Log Server 192.168.0.3 went down
fwd: FW: Received new control security key from 192.168.0.3 <-
re-established authentication
fwd: logsys_add_connection_packet_e: recursive call, return
fwd: FireWall-1 daemon going to die on sig 15 <- restart
firewall module
fwd: Sun May 6 13:38:56 2001
fwd: FireWall-1 server is running
fwd: fwd : starting old sync client
fwd: Got Sync Connection from 192.168.0.1 <- fw-1 management server
module restarted
fwd: Connected to Sync Server 192.168.0.1 <-last message sunday morning
11h00
serra-angel#
Eric Appelboom
M-Web Security
Security / Systems Engineer.
Tel:(+27)21 5968553
Fax:(+27)21 5968436
Cell: 0837082568
[EMAIL PROTECTED]
"...firewalls are speed bumps not brick walls."
Eric Appelboom
M-Web Security
Security / Systems Engineer.
Tel:(+27)21 5968553
Fax:(+27)21 5968436
Cell: 0837082568
[EMAIL PROTECTED]
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
