Hi, you have to do the "fw internalca certify" commands on the management station. This will create certificates for your firewall objects in your rulebase. After creating the certificates you have to reinstall the policy. Michael Boeing -----Urspr�ngliche Nachricht----- Von: Michael Tench [mailto:[EMAIL PROTECTED]] Gesendet: Donnerstag, 4. Januar 2001 20:20 An: Peter Goodridge; firewall list Betreff: Re: [FW1] Hybrid IKE A similiar error can occur if there is a major time difference between the two boxes. On Thu, 4 Jan 2001 10:50:16 -0800 (PST), Peter Goodridge wrote: > > Hi, > > I'm running Checkpoint Nokia firewalls v4.1 sp5, with > a Sun Management station also v4.1 sp5. I'm trying to > follow Checkpoint's procedure to get Hybrid IKE > working, and can't past step 3. > > 1. I stop the fw and management station (note the fw > is at a remote site.) > > 2. On the management station I do : > fw internalca create -dn "o=firewall, c=us" > and get: > Internal CA created successfully > > 3. On the remote fw I do: > fw internalca certify -o firewall "o=firewall c=us" > but I get the error message: > Failed to create certificate: > Unknown problem. rc = -272656776 > > There are several more steps, but I haven't gotten > past this yet. Any ideas what's wrong? > > THX, > Pete Goodridge > > __________________________________________________ > Do You Yahoo!? > Yahoo! Photos - Share your holiday photos online! > http://photos.yahoo.com/ > > > ============================================================================ ==== > To unsubscribe from this mailing list, please see the instructions at > http://www.checkpoint.com/services/mailing.html > ============================================================================ ==== Michael Tench _______________________________________________________ Send a cool gift with your E-Card http://www.bluemountain.com/giftcenter/ ============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
