Hi All
I have GX 2.5 Fw running on Solaris 5.9. In my messages log I keep
getting the below error. How can I resolve this problem?
Thanks in Advance
fw: [ID 934840 kern.notice] fw_gtp_chk_create_pdpc: srv_id 9 not found
in gtp_services
last message repeated 28 times
fw: [ID
I have configured Solaris 5.9 to run a SunFire V240 platform . R55
HFA_12 is installed using the Enforcement Module. When the Fw boots
I get the error's below. I have told that these don't affect the fw and
I can ignore them .
Apr 22 15:31:56 FW-ISP fw: [ID 439750 kern.notice] FW-1*:
this time around.
Best of luck with your implementation.
Regards,
Shane
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Jason
Cameron
Sent: Thursday, March 31, 2005 3:46 AM
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: [FW-1] C
n of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Jason
Cameron
Sent: Wednesday, 6 April 2005 12:43 a.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: [FW-1] Mgmt Station
Hi
Does anybody know of how I can migrate my Rulebase and objects from Gx
2.5 Mgmt Station to a R55 Mgmt Sta
Hi
Does anybody know of how I can migrate my Rulebase and objects from Gx
2.5 Mgmt Station to a R55 Mgmt Station on Solaris 9.
A step by step procedure would be great.
Thanks
=
To set vacation, Out-Of-Office, or away messages,
send an e
age-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Jason
Cameron
Sent: Thursday, March 31, 2005 3:46 AM
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: [FW-1] Cluster XL
Hi All ,
I have purchased two Sun-iforce boxes with Secureplatform . I
Hi All ,
I have purchased two Sun-iforce boxes with Secureplatform . I have also
setup the boxes with Clusterxl in Load sharing> Multicast.
I have tested it via the cphaprob cmds and fw ctl pstat.
Some questions.
1. Is there a procedure or best practice to test Load sharing,high
Hi All ,
I have purchased two Sun-iforce boxes with Secureplatform . I have also
setup the boxes with Clusterxl in Load sharing> Multicast.
I have tested it via the cphaprob cmds and fw ctl pstat.
Some questions.
1. Is there a procedure or best practice to test Load sharing,high
ava
r or
VPN
gateway vendor to see if this capability is supported.
"
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Jason
Cameron
Sent: Monday, February 28, 2005 9:37 AM
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject:
now if you succeed
Bertrand
Jason Cameron <[EMAIL PROTECTED]>@AMADEUS.US.CHECKPOINT.COM> le
28-02-2005 16:36:50
Veuillez répondre à Mailing list for discussion of Firewall-1
Envoyé par : Mailing list for discussion of Firewall-1
Pour : FW-1-MAILINGLIST@AMADEU
Hi All
I am trying to establish a connection to server through my firewall to a
client on the Internet. . I use the Microsoft new connection
Wizard to create a virtual private connection to my client's vpn server.
I have allowed the service " gre " and " pptp_tcp " out. When I create
a s
Hi All ,
I have needed to implement a migration as following
1. Ng AI Management station which manages a NG AI enforcement module on
Solaris 5.8 and a Gx 2.0 enforcement module on Solaris 5.8
The upgrade path is was confusing .
I could upgrade the management station to R55 that's fine but w
was a lot of
hits with useful information, I saw some that were not releasing memory
maybe this is related,
Try doing a search and good luck
- Original Message -
From: "Jason Cameron" <[EMAIL PROTECTED]>
To:
Sent: Thursday, January 27, 2005 4:09 AM
Subject: [FW-1] CPM
Hi All ,
I have 2 fw modules ( nokia ip 330) with ip clustering running r55 hfa12
and my mgmt station running windoows 2000 srv sp4 R55 hfa12 . I have
a problem were the mgmt station periodically reboots on its own . And if
I check the windows dump files via dr watson the last excpetion error
sh
ping the one interface and
not the other. I should be able to ping all three. Any Ideas
I am using " multicast" mode for the nokia Ip clustering and before the
change I could ping all 3 ips eg fw1 int 1 , fw2 int1 , cluster ip
Any idea's
Thanks
Jason Came
-
From: Mailing list for discussion of Firewall-1 on behalf of Jason
Cameron
Sent: Mon 10/11/2004 10:46 AM
To: [EMAIL PROTECTED]
Cc:
Subject:[FW-1] HighProc
Hi ! Can anybody assist me in understanding why I have the follwing
processes running via fwssd and what it means. How can I re
appropriate lines out of the config file and install policy. You *may*
need to kill the processes manually on the module the first time, since
they're already running.
-Original Message-
From: Mailing list for discussion of Firewall-1 on behalf of Jason
Cameron
Sent: Mon 10/11/2004
Hi ! Can anybody assist me in understanding why I have the follwing
processes running via fwssd and what it means. How can I resolve this
problem
Tks
4454 30.6 6.2 9156 15832 ?? R 4:43PM0:06.42 mdq 0 (fwssd)
4455 28.2 5.5 7088 14056 ?? R 4:43PM0:04.83 i
Hi ,
Does anybody have a procedure for the following
1. Move a Management Server from Win2k to a Securplatorm.
2. Movement from NG AI R55 nokia cluster to Secureplatform cluster
with cluster xl
3. What the below message means
ct 7 16:26:07 ND-EB2-FW1-1 [LOG_CRIT] kernel: fwhandle_g
Does anybody have a procedure for the installation on the Secure
Platform via Clusterxl or HA.
Tks
--
Jason Cameron <[EMAIL PROTECTED]>
=
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY
Hi we have multiple secure client connections. into our network. I know there is the
method of removing the option " Disable > securitypolicy via customizing
the package sent to the client.
Is this the only way ?? . I already have clients with a full admin version of the
software and I would l
Hi All ,
Does anybody have a procedure for the setup of HA on 2 secureplatorm machines and a
procedure for the stup of clusterxl.
Tks
=
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email ad
Any idea's out there ??
> -Original Message-
> From: Jason Cameron
> Sent: Sunday, July 04, 2004 12:43 PM
> To: '[EMAIL PROTECTED]'
> Subject: Policy Server staus up/down in Smartview Status
>
> Hi All ,
>
> I have 2 ipso
Hi All ,
I have 2 ipso 3.7 boxes running NG AI R54 with vrrp. I recently upgraded tp R55. I
now see the load average on ur boxes has increased. On
average the both boxes are as follows
12:33PM up 1 day, 16:43, 1 user, load averages: 2.13, 2.13, 2.09.
The Primary Box is much slower than the
t;Add User Access" and specify the user group on FW-1 that
contains the IDs of the SecureClient users. The user goup name will then
show up in the Source column.
In R55, the "VPN" cell of the rule should be "RemoteAccess"
Ray
>From: Jason Cameron <[EMAIL PRO
I have a nokia ip 330 clust with NG AI. My clients are connecting via secureclient to
create the vpn yo connect to the network.
I have two rules which concern me
1 . any >fwcluster>echorequest>accept>log This is to allow secureclient keepalives
Since I don't know there ip's ( dialup or l
-Original Message-
From: Jason Cameron
Sent: Wednesday, April 07, 2004 7:11 AM
To: [EMAIL PROTECTED]
Subject: FW-1: fwpacket_frombuf: len smaller than IP hlen (0<20) "
Subject: FW-1: fwpacket_frombuf: len smaller than IP hlen (0<20) "
I have a Nokia Ip 330 cluster
Hi all ,
I seem to have a lot of following enteries of this type in my logs
TCP packet out of state: First packet isn't SYN
tcp_flags: FIN-ACK
I wonder about the security risk of disabling the option " Drop out of
State Tcp Packets ". I understand that if I d
outer config would
help.
Looks like the mailing list botched your original email.
Lee Robinson
Network Administrator
-Original Message-
From: Jason Cameron [mailto:[EMAIL PROTECTED]
Sent: Wednesday, February 18, 2004 4:16 AM
To: [EMAIL PROTECTED]
Subject: [FW-1] Cisco 1700 Ipsec Tunn
Thanks Dion ,
What do you set your authentication timeout to is 60 minutes to long ??
-Original Message-
From: Hendriks, D. [mailto:[EMAIL PROTECTED]
Sent: Thursday, February 19, 2004 9:29 AM
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] SecureClient
Hi Jason,
>
> Secure Client sends keep a
I have 20 user's using Secure Client via the Web to our Network. Some
connect over Slow Dialup or wan Links and other from Leased Connections.
Secure Client sends keep alives to the Fw Cluster to keep the connection
Alive and The Firewall Sends the SCV_keepalive to the Client??
Is this correct.
Please note I have the Following problem I am setting up a ipsec tunnel
from a 1700 cisco router to my firewall
The network look like this
10.25.0.0/27---router---internetrouter-(nat fw internet ip
addrees to internal ) (internal -privaterange
)fw-172.16.0.0/27.
I have a 128k leased line to our ISP with 2 Nokia IP 330 boxes with NG
FP3. We are using a published application via citrix and allow our
Clients via secure-remote/client a connection into the network. We have
5-6 clients connected via secure client at any time with a growth to 20.
I have setu
Can antbody assist I have a Fw cluster
with Ng fp3 . I need to setup a vpn between my
fw and my client who has a 4.1 vesrion fw.
I also need to setup a vpn with ipsec between my fw and a client router.
Is there any doc or procedure I can use as a Guide ?
tks
==
Can anybody assist I trying to allow Secure Client and Secure remote
access you're a cisco Router and then to the checkpoint ng fp3 fw
cluster.
Does anybody have a dummy access-list to allow incoming and outgoing
traffic for the secure client comms ?
tks
==
Can somebody please let me know what the following in my log's means
message_info: Retransmitted data does not match original data
Tks
=
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the B
What the command to find that out ?
-Original Message-
From: Mitchell Rowton [mailto:[EMAIL PROTECTED]
Sent: Thursday, October 09, 2003 5:46 PM
To: [EMAIL PROTECTED]
Subject: Re: [FW-1] Vrrp
> Can anybody tell me what this error means
> FW-1: fwha_set_fwd_ether_header: invalid ethernet a
Reinhard ,
Please explain .
I have the following
MgmtSrv - 172.16.0.12
FwModule1 172.16.0.9
Fwmodule2 172.16.0.10
Vrrp 172.16.0.11
The only srv on mgmt Subnet is mgmtsrv. If I tracert from the mgmt srv
to our remote office it uses the master interface always of the vrrp
master on our clust
To all ,
Please you aasist me I have 2 x ip 330 Nokia boxes running vrrp. Ng Fp3.
In the Checkpoint Smartview Status under Mgmt Srv Module I see
Fwmgmt -Firewall1 - no response
Why is this this ? . I can log on using Policy Editor and can see
logging happening. Please can somebody assist
t
Can anybody tell me what this error means
FW-1: fwha_set_fwd_ether_header: invalid ethernet address for machine 1
on ifn 4
=
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email
Can anybody recommend how I can create a secure tunnel via the web with
a client's router terminating the tunnel with my fw ng fp3 cluster?
I need make sure that this traffic is secured into our private network ,
are there any procedures etc
Thanks
Jason Ca
I have Ng fp3 running on 2 ip 330 Nokia boxes. I have licensed my fw
with 100 Secure Remote licenses.
I originally installed Secure Remote and can correctly authenticate
using Fw-1 internal password. I then installed installed the secure
client
To use the diagnostics tool. I see that the client
I am currently running a citrix server( on dmz subnet ) with a published app accessing
another server's database on a private lan subnet .
These subnets are directly connected to the nokia ip 330 ng fp2 cluster I am running .
I also have dial-up customer's accessing the
published application on
I seem to receive alot of tcp packet out of state ( flags 10,4,18 etc )
information in my fwlogs. My leased line clients are connecting via 32k
cir frame-relay wan and also have dialup clients. My switches are not
set to auto-negotiate and the server nics are set 100mb full duplex. Can
anybody expl
ping from the management server I can ping all interfaces
of both modules on all subnets, but the opposite is true via
Console access on the fw modules
Thanks
Jason Cameron
* Email : [EMAIL PROTECTED]
Web: www.fin-x.com
=
To set vacation
solaris , Linux , windows etc. Any help out there for a newbie to setting up a ha environment on nokia ipso 330 ?tksCOMESA Financial Exchange (Pty) Ltd. (Fin-X)African Commerce Exchange (Pty) Ltd. (ACE)Jason Cameron(w) +27 11 797-6982(cell) 072 606 7788E-Mail - [EMAIL PROTECTED
is no rule number for this entry ?> > > COMESA Financial Exchange (Pty) Ltd. (Fin-X)> Jason Cameron> E-Mail - [EMAIL PROTECTED]> > >
=
To set vacation, Out Of Office, or away messages,
send an email to [EMAI
47 matches
Mail list logo
