thanks all for replying. We solved the problem and below is a
brief description of problem and solution for future inquiries:
Background: running Solaris 2.5.1 on all servers. Management
console running v4.0, modules running v4.0.
Problem: when trying to push policy for management to fw module,
I get a "...Broken Pipe.." error message. On the module, when
doing a fwstop then fwstart, I get a "Authentication for command
fetched failed".
Solution: I tried to redo the putkeys as mentioned at
www.phoneboy.com but that failed also. I bounced both the
console and the module and that didn't work. After many tries, a
co-worker pointed out that the management console doesn't have a
license with encryption while I installed the module with a
license that uses encryption. To fix the problem, the beginning
of the control.map file was modified and looks like this:
MASTERS: */none
CLIENT : */none
Hope this helps others in the future and thanks again for all
your help.
-Hungdan
Randall Kizer <[EMAIL PROTECTED]> on 09/10/2000 11:54:05 PM
To: Hungdan Ly/New York/ACMC@Alliance Capital
[EMAIL PROTECTED]
cc:
Subject: Re: [FW1]: "...Broken Pipe" when installing policy
You haven't given us very much information as to what may have
caused this
problem - new installation, recent upgrade, etc.
However, I recently had this exact same message when I upgraded
one of my
remote firewalls to 4.1. As you'll recall from your 4.1 SP1
installation
notes, you have to add a line at the bottom of /lib/control.map
named
"NON-ENCRYPTED", and list the IP addresses of each firewall that
is not
4.1. The reason I encountered this message is because I forgot
to remove
the IP address of the firewall I had just upgraded to 4.1. When
I removed
the IP address of the firewall I just upgraded to 4.1, the
message went away.
I don't know if this helps, but I know this is one configuration
problem
which will cause this error message to appear.
Randall
At 05:26 PM 9/8/00 -0400, [EMAIL PROTECTED] wrote:
>Hi,
>
>has anyone ever ran into a problem where when installing a
policy
>from a management console to a firewall module, it gives you an
>error of "Failed to install Security Policy on hostxxx: Broken
>Pipe"?
>
>I checked the connection and was able to get to the fw module
>fine (using ping, traceroute, and ssh).
>
>Ideas are welcome and appreciated.
>
>Thanks,
>
>-Hungdan Ly
>
>
>
>
>================================================================================
> To unsubscribe from this mailing list, please see the
instructions at
> http://www.checkpoint.com/services/mailing.html
>================================================================================
>
-
"As soon as men decide that all
means are permitted to fight an evil,
their good becomes indistinguishable
from the evil they set out to destroy."
--Christopher Dawson
______________________________________________________________________
The information contained in this transmission may contain
privileged and confidential information and is intended only
for the use of the person(s) named above. If you are not the
intended recipient, or an employee or agent responsible for
delivering this message to the intended recipient, any review,
dissemination, distribution or duplication of this communication
is strictly prohibited. If you are not the intended recipient,
please contact the sender immediately by reply e-mail and destroy
all copies of the original message.
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
