RE: [FW1] Hybrid IKE

Thu, 04 Jan 2001 12:32:13 -0800 


Tim,

Thanks much.  That was the problem.

Pete Goodridge

--- "Frost, Timothy E" <[EMAIL PROTECTED]> wrote:
> Pete,
> 
> 
> > -----Original Message-----
> > From:       Peter Goodridge [SMTP:[EMAIL PROTECTED]]
> > 
> > Hi,
> > 
> > I'm running Checkpoint Nokia firewalls v4.1 sp5,
> with
> > a Sun Management station also v4.1 sp5.  I'm
> trying to
> > follow Checkpoint's procedure to get Hybrid IKE
> > working, and can't past step 3.
> > 
> > 1. I stop the fw and management station (note the
> fw
> > is at a remote site.)
> > 
>       [Frost, Timothy E]  You don't need to touch the
> remote firewall
> module, because all of the internalca commands are
> done on the MANAGEMENT
> station.  (This is stated explicitly in the section
> on fw internalca in the
> Checkpoint 2000 Getting Started Guide)
> 
> > 2.  On the management station I do :
> > fw internalca create -dn "o=firewall, c=us"
> > and get:
> > Internal CA created successfully
> > 
>       Looks OK.  
> 
> > 3. On the remote fw I do:
> >  fw internalca certify -o firewall "o=firewall
> c=us"
> > 
>        
>       As I said above, all operations are done on the
> management station.
> 
>       Try running the following on the management
> station, for each of the
> firewall modules:
>               fw internalca certify -o firewall 
> 
>       (You don't specify the dn parameter in the certify
> operation.)
> 
> > but I get the error message:
> > Failed to create certificate:
> > Unknown problem. rc = -272656776
> > 
> > 
> > 
> > 
> > 
> > 
> > 
> Hope this helps
> 
> 
> Tim
> 
> -- 
> Timothy Frost                 mailto:[EMAIL PROTECTED]
> EDS New Zealand                       Fax: +64-4-495-0473
> 8 Gilmer Terrace                      Phone: +64-4-495-0504
> P O Box 3647
> Wellington
> New Zealand
> 
> 


__________________________________________________
Do You Yahoo!?
Yahoo! Photos - Share your holiday photos online!
http://photos.yahoo.com/


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to