Hi, We were running client authentication on Solaris 2.5.1 with FW-1 3.0b for some times without any problems. (Using the sso feature, sso-root) We upgrade to Solaris 7 with Fw1 V 4.1 (SP1) and it doesn't work anymore. I see the authorize message in the firewall logs but the packets get dropped anyways. (but not all of them!!!) For example, I have one rule that permits http and tcp-9991 to 3 different hosts. When I try the first host on port 80, it works, if I try port tcp-9991, firewall drops the packet (last rule being any any drop). I checked in the log file (/etc/fw/log/fwd.elg) of the firewall and found the following: fwd: clauth_log_trap: Failed to get kbuf contents (username) (I have about 51000 occurrences of that message...) I also ran into another problem which I fixed by changing the log option from long to short but we would like to keep it at long. fwd: clauth_log_trap: Couldn't retrieve log format from rulebase, rule #50: Not enough space Does anyone know what this means??? FYI, we had a 3.0b fw1 mgmt console that we migrated to 4.1. I tried deleting and re-adding all users in the console (manage users) to see if it would help but without any luck. Any help would be appreciated. Thanks, ------- Yan Faubert ________________________________________________________________________ Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
