If you have two firewalls that are sitting in a cluster, the correct way 
to certify them is by running the command this way:

fw internalca certify -o <cluster object name> "o=xx c=xx"


Ashleigh Martin wrote:

>
>When you're executing the certify command it should be:
>
>fw internalca certify -o firewall_object_name
>
>That's all!
>
>If that still doesn't work, try both commands again but with the -force
>option at the end. That will force the re-creation and re-certification of
>the CA.
>
>i.e.:
>
>fwstop
>fw internalca create -dn "o=mycompany, c=mycountrycode" -force
>fw internalca certify -o firewall_object_name -force
>fwstart
>
>that should do it,
>
>Cheers,
>
>Ashleigh Martin
>Senior Systems Engineer
>Data#3 Group Pty Ltd
>Ph: +61 3 9864 2000
>Fx: +61 3 9864 2099
>mailto: [EMAIL PROTECTED]
>Web Site: http://www.data3.com.au
>
>
>"David Bazillio" <[EMAIL PROTECTED]>
>Sent by: [EMAIL PROTECTED]kpoint.com
>20/06/2001 11:17 PM
>To: <[EMAIL PROTECTED]>
>cc:
>Subject: [FW1] IKE Hybrid :problem for creating certificate
>
>
>
>Hi everybody,
>
>We would like to implement IKE hybrid. We have Checkpoint FW 1- VPN1 4.1 Sp3
>for the module management and also for the firewall itself.
>
>
>On the management console:
>1) fwstop
>2) fw internalca create -dn "o=mycompany, c=mycountrycode"
>3) fw internalca certify -o myfwhostname "o=mycompany, c=mycountrycode"
>4) fwstart
>
>But the certificate doesn't appear in the GUI management although CA and
>certificate have been created successfully and there is no server of
>certificate authority. Is it normal?
>
>Can anyone help me?
>
>Another question: we use SecuRemote 4.1 Sp3-DES pointed to the external IP
>address of our firewall.
>The connection begins with a topology download, but does the connection have
>to be made with the firewall itself or with the console management?
>
>Thanks
>
>David
>
>
>
>
>
>
>================================================================================
>     To unsubscribe from this mailing list, please see the instructions at
>               http://www.checkpoint.com/services/mailing.html
>================================================================================
>
>



