Re: [FW-1] Can not install Policy from Management Console to FW-1 module

[Boules Tadrous]

Title: NG FP2 Security Server Hotfix

It is defiantly your FW object settings. You should specify all the FW interfaces “either by GET or by inserting them manually”. Also at least the license interface needs to be up. Another thing is try to unload all.all, load all.all then start the fw. Hope that helps.   -----Original Message----- From: Mailing list for discussion of Firewall-1 [mailto:[EMAIL PROTECTED]] On Behalf Of Ruiyuan Jiang Sent: Friday, September 20, 2002 3:42 PM To: [EMAIL PROTECTED] Subject: [FW-1] Can not install Policy from Management Console to FW-1 module   Hi, all     I am setting up a testing lab using eval license from CheckPoint. FW-1 module v4.0 runs on Solaris 2.6 (4 network cards) and management module runs on Windows NT server. I want to test it then I can upgrade our production CheckPoint to v4.1 from v4.0.   After installation, I can't install policy from console to Sun box. I have followed the suggestion from CheckPoint support to delete $FWDIR/conf/fwauth.keys and serverkeys.*, $FWDIR/database/authkeys.C and opsec_authkeys.C and modified $FWDIR/lib/control.map to both fwa1 and skey authentication method. I re-run "fw putkey" on both console and FW-1 module.   I started console first and then FW-1 module. When I started FW-1 module on Solaris (fwstart), I got messages:   # fwstart FireWall-1: starting fwd FireWall-1: Fetching Security policy from fwtestnt  (Note: the IP address is the NT management server) localhost Trying to fetch security policy from fwtestnt : FW: Received new control security key from fwtestnt Installing Security policy chk-071102 on all.all@fwtest1 Has only loopback(lo) interface, aborting... Failed to Load Security policy: No such file or directory Fetching Security policy from fwtestnt failed Trying to fetch Security policy from localhost: Failed to Load Security policy: No State Saved Fetching Security Policy from localhost failed can not fetch Security policy from fwtestnt localhost FireWall-1 started # When I tried to push policy from NT management server to Sun firewall-1 box through policy editor GUI, I got a message on the "Install Policy" popup dialog window: Installing Security Policy c:\winnt\fw\conf\chk-071102.pf on all.all@fwtest1 Failed to install Security Policy on fwtest1: The system can not find the file specified While on the Sun box UNIX console, I saw a message: Installing Security Policy chk-071102 on all.all@fwtest1 Can you tell where the problem? Thanks. Ruiyuan Jiang Liz Claiborne, Inc. (201) 295-7171