Thank you for useful advices. Although FireWall-1 Guide refers to state syncronization using port 256, NG doesn't support it. To enable state syncronization, I have to enable HA feature. I also have to install the FW-1 module and the management station on different machines.
Naoki Takasu wrote: > Hello all, > > I'm working with 2 FW-1 NG FP1 on Solaris 8. One machine has a > management station and a FW-1 module installed, and the other has a FW-1 > module installed. The management station manages both FW-1 modules. > > I'm trying to syncronize those FW-1 modules' state, but no communication > via port 256 is seen, so they don't seem to communicate each other. I > have configured below: > > a. Both FW-1 modules have the same security policy. > b. The time of both machines is syncronized with NTP. > c. $FWDIR/conf/sync.conf lists an IP address of the other FW-1 modules. > > I wonder I must install the management station and the FW-1 module on > different machines. Does anybody have any idea? > > Thank you, > > > Naoki Takasu > [EMAIL PROTECTED] ================================================= To set vacation, Out Of Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
