Hi,
Nokia document is right if you want to use CVP servers in conjunction with
CVP manager with authorization. You need to put these configurations which
are in cvpm.conf to fwopsec.conf. Also if the CVP servers do not understand
the cvpm putkey command then you need to use the opsec_putkey command
instead.
Ramakanth
-----Original Message-----
From: John Gesualdi [mailto:[EMAIL PROTECTED]]
Sent: Friday, March 16, 2001 3:40 PM
To: Fw1_list (E-mail)
Subject: [FW1] CVP Manager on Nokia
I have my Nokia sending ftp and http content to a Trend Virus wall box
for virus scanning, this is working well. I now want to add redundancy
by adding another Trend Virus Scanner and do load sharing betwen the
two.
The Nokia is running CKP 4.1 service pack 2 and will be the CVP
Manager. I've installed the CVpm package from Nokia and created a
cvpm.conf file on the Nokia. . I created new objects such as
Server,resources and rules on the Management station and pushed out the
policy but things stop working with the CVP manager setup. My cvpm.conf
is included below. Do I need to do anything else. I have a document (
4518) from Nokia which tells me I should be adding all my configs to
fwopsec.conf. It's makes no sense to me.
# CVPM Configuration file
# The port for FW-1 -to- CVP-M communications
cvpm auth_port 18181
############## Chain configuration
##############################################
drop_on_unsafe 1
# Recovery time in minutes
recovery_time 1
# Number of servers on the chain
num_of_servers 2
use_load_shares yes
chained_server_1 cvp_on_scrubby2
chained_server_2 cvp_on_scrubby1
############## Servers definitions
##############################################
cvp_on_scrubby2 auth_port 18181
cvp_on_scrubb2 ip 149.137.3.132
cvp_on_scrubby1 auth_port 18181
cvp_on_scrubby1 ip 149.137.3.129
Fwopsec.conf has it's default settings.
Thanks.
--
John A. Gesualdi, CCNP, CCDP, MCP
[EMAIL PROTECTED]
The Providence Journal Company
Phone (401)277-8133
Pager (401)785-6938
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================