Well
First of all, I should say or you use cluster xl or you use vrrp, I think
that your problem resides there. I've never seen this configuration and I
don't think is correct at all. Try using only vrrp. And verify if everything
is working fine.
Best regards
lino
-Original Message-
F
, 14 de Septiembre de 2006 12:44 p.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: Re: [FW-1] Urgent
>>> On 9/14/2006 at 9:48 AM, Lino Eduardo Avila Rodríguez
<[EMAIL PROTECTED]> wrote:
> Try this.
I'm having similar issues. I tried it. It didn't
Try this.
Try this
Stop the SmartCenter:
1. cpstop
Remove the following files:
1. $FWDIR/conf/inspect.C
2. $FWDIR/lib/updates.def
Start the SmartCenter:
1. cpstart
Update the asm_update_version parameter:
1. Run the GuiDBedit, by running the following program:
C:\Program Files\Ch
Have you tried loading a backup to another machine??
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Claudia
Cordova
Sent: Jueves, 14 de Septiembre de 2006 09:28 a.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject:
Have you checked if it's a checkpoint gateway not a checkpoint host?
Cheers,
lino
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Gary Scott
Sent: Martes, 12 de Septiembre de 2006 07:48 a.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHEC
the SCS does use SIC for itself, you're connected to it, the module is the
one who needs the SIC, initialize in the module via cpconfig, and then in
the management un the module object.
best regards
-Original Message-
From: Mailing list for discussion of Firewall-1
To: FW-1-MAILINGLIS
I had a similar issue, what I did is install a log server in another pc,
then configure to receive all the logs, after a while change again to the
smartcenter and problem solved!
Best regards,
lino
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PR
It's included in your media
In IPSO the software it's installed in the wrapper.
Best regards,
lino
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Gary Scott
Sent: Lunes, 21 de Agosto de 2006 03:24 p.m.
To: FW-1-MAILINGLIST@A
Hi all!
I have the following issue, I configured an IP Cluster (Multicast) with NGX
HFA_03 and IPSO 4.0. The issue I have is that the ICMP protocol is not
working as it should.
I have two switches connected via a trunk port. Each firewall is connected
to their respective switch, each interface
Or you can try to stop the process as you should.
cpadmin {start| stop| restart | debug | undebug }
Regards,
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of dhananjoy
Sent: Miércoles, 16 de Agosto de 2006 11:21 p.m.
To: FW-1
xx.xx.30, but not for any IP in between. Does that indicate anything?
Alan
At 06:44 PM 8/16/2006, Lino Eduardo Avila Rodríguez wrote:
>Do you have the right topology?
>
>
>Create a external interface.
>
>
>Best regards
>
>
>-Original Message-
>From: Mailing li
Do you have the right topology?
Create a external interface.
Best regards
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Alan Choyna
Sent: Miércoles, 16 de Agosto de 2006 02:28 p.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.C
I think you're talking about SIC errors??
Why don't you try to use upgrade_export tool? This works for the management
object.
The location is $FWDIR/bin/upgrade_tools
Or you can download it from the checkpoint website.
It works better than copying directories and it makes a good backup.
C
About chnaging the Ip address of the management server, it's not that easy,
just changing it in the smartdashboard, here's how checkpoint advises you to
do it.
Procedure:
1. From SmartDashboard, change the IP address for your SmartCenter server
object to reflect the new IP address. Save the po
You can always disable out of state packets as a workaround (global
properties > stateful inspection), but you should check why this packets are
arriving in different order. May it be an asymmetric network??
Checkout the kb #sk21735 for more information on this error.
Best Regards,
-
Hi guys, I just upgraded to R60 HFA_03 and I have the following error, does
NGX use much more resources that the connection table gets smaller? Before
the upgrade everything worked ok.
How can I decide how much I can increase the connection table??
[LOG_CRIT] kernel: FW-1: WARNING: The co
Well, if you're looking for an appliance, I would say nokia.
Best Regards,
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Clive Luk
Sent: Jueves, 03 de Agosto de 2006 02:51 a.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
https://www.checkpoint.com/GetSecure/MediaEngine?action=UPIS_OrderStart
Try this link
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Covington,
Chris
Sent: Miércoles, 02 de Agosto de 2006 03:18 p.m.
To: FW-1-MAILINGLIST@AMADEUS.
If you try to obtain within the downloads section you won't have to pay
anything.
Select downloads>ngx r61> and It will redirect you to the right place
Try it
Best Regards,
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Covingt
The readme file says bc patch has to be installed first. Then the fw1 patch.
The bc patch is only for the smartcenter server.
Regards,
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Information
Technology
Sent: Martes, 01 de Ago
Does anyone know any know issues for R61? The one I know is the
'http_activate_ss_protections' must be active in order to download large
attachments.
Anything else?
Best Regards,
lino
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On B
NGX R61 is supported from IPSO 3.9 and above.
Check The Release Notes of R61
Regards,
Lino
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Mark Elsen
Sent: Lunes, 24 de Julio de 2006 04:01 a.m.
To: FW-1-MAILINGLIST@AMADEUS.US.C
Hi all!
I have a this issue. The nokia is configured with two IP address in the same
external interface, the problem is that when it reboots, the outgoing IP is
one IP but after a reboot it takes the other IP, actually, it alternates the
outgoing IP and I don't know how to configure it to use o
What about if you change the rating and give the other one more rating,
maybe it will decrease the time to balance the load
Regards,
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Mark Elsen
Sent: Jueves, 13 de Julio de 2006
Mark,
I've done that before and It's matter of hours, you can check in the
voyager's monitor of the cluster. If you set the rating of the two boxes the
same rank the boxes will distribute the load in an hour at most.
How is your configuration?
Best Regards,
lino
-Original Message-
Policy server is for secureclient. Do you have it enabled??
Best regards
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Alan Choyna
Sent: Miércoles, 12 de Julio de 2006 11:31 a.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
S
I've installed this package SecureClient_B558000701_1_mac.pkg.zip
For MAC OS 10.3.x
Best Regards
lino
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Marius
Banica
Sent: Miércoles, 12 de Julio de 2006 03:59 a.m.
To: FW-1-MAILING
Hello all!
Has anybody was able to function Secureclient for MAC??
I find out that there's a bug with Office Mode in this client, but when I
try to connect I got this message:
COnnection Canceled
"This machine's IP can only be used with Office Mode"
Can somebody give me some advis
You mean a relation one to one --- user to ip?? First of all you need to use
office mode and secureclient.
If this what you need, use ipassignment.conf there's information in the
vpn.pdf
In my case I had to do a cpstop and cpstart in order to work for the first
time, after that just with a policy
I didn't undestand exaclty what you are trying to do, but If your talking
about send the logs to a different machine I mean, no te smartcenter, you
should add a new log server and change in Logs And Masters tab in the
firewalls to redirect the logs to the new log server, also you should have a
val
First of all you should have a central license, this is better because even
if you change the ip address of the modules or you change the module there
is no need to modify your license, you just detach and attach to another
one.
Your firewall should have the external ip address for your vpn's.
Maybe you can try this command, it may help you find out what's going on.
cpstat -f kmem fw
regards
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Jignesh
Joshi
Sent: Miércoles, 28 de Junio de 2006 06:17 a.m.
To: FW-1-MAI
Uncheck FW-1 from the management object in the SmartDashboard.
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Neil Kemp
Sent: Lunes, 26 de Junio de 2006 05:30 a.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: [
And SNX network mode is supported in Linux, you should have your browser's
jvm updated.
Regards,
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of carlopmart
Sent: Martes, 20 de Junio de 2006 04:42 a.m.
To: FW-1-MAILINGLIST@A
Hi all!
I have my management in Solaris 5.8, does anybody has any problems
installing the last recommended cluster of patches?? Does it affect somehow
the firewall??
Best Regards,
Lino
=
To set vacation, Out-Of-Office, or away mess
You should export you configuration using upgrade_import and upgrade_export
and when you have your management up, in your object uncheck the firewall
product from the object so that it will be only the management.
If you're using an appliance or a windows computer configure it to function
as a enf
Hi all!
I have one question, does anybody know how many concurrent connections a
nokia appliance can handle?
I have an IP530 with 1 GB RAM. CheckPoint R55.
Best Regards,
Lino E. Avila
=
To set vacation, Out-Of-Office, or away mes
As you mentioned the issue is with your windows cluster MAC address, can
does your cluster works fine without the firewall?? Like from the internal
network? Maybe your multicast address is not working like it supposed to.
You should see the multicast address instead of the hosts mac address.
Just a note. R55 can run on IPSO 3.9 without any problems. I got a customer
with this configuration and they haven't had any issue.
Regards,
lino
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Peter Addy
Sent: Jueves, 01 de
But isn't the nokia appliance monitoring the firewall state?? What happens
when your firewall application stops working? Does your traffic stops at
all?? That's not an HA configuration?? Does it??
The firewall monitoring setting is on, I have checked everything, and it's
seems to be ok. What els
the other box?
Which VRRP mode are you using?
Have you read the following Nokia solutions?
Resolution 1350275
Solution 1132294
Regards,
Werner
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Lino
Eduardo Avila Rodríguez
Sen
Everything is the same in the show vrrp. It's on the monitor firewall state.
What else could it be?
Bruce, how did you solved this issue??
Best Regards,
Lino
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Wayne Ho
Sent: M
Hi all!
I have a question regarding vrrp and checkpoint. Recently I did a cpstop on
one of my nokia appliance, I assumed everything will move to the other
appliance, but it didn't, is this behavior ok? Or the machine should go down
in order to route the traffic on the other box?
I have R55 with
Have you tried using ip pool nat, it may help you solve it.
cheers
lino
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Shiroma
Dassanayake
Sent: Lunes, 22 de Mayo de 2006 05:35 a.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.CO
You can download it from the checkpoint site, in downloads--> documentation,
The file you are looking for is the vpn-1.
Cheers.
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Tibor
Szurok
Sent: Lunes, 22 de Mayo de 2006 0
The difference is the price of the license.
cheers
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of
Ramakrishnan Pillai
Sent: Viernes, 19 de Mayo de 2006 12:11 p.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: Re:
hello guys,
has anybody seen this message??
"VPN-1 Securemote/Secureclient kernel installation failed."
The problem appears when it's installing securemote. I've tried install
diffent versions of the software and the problem remains.
The operating system is Win XP SP2
Any thoughts?
What's in the Wrapper_R61.elg file?
Have you tried pkgadd??
Best Regards,
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Suresh
Rajagopalan
Sent: Jueves, 11 de Mayo de 2006 05:29 p.m.
To: FW-1-MAILINGLIST@AMADE
Have you tried
srfw monitor ?
Maybe it would help you, can you telnet to the port 264?
Best Regards
lino
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Scott
Tobias
Sent: Martes, 25 de Abril de 2006 04:56 p.m.
To: FW-1-MAI
I believe your problem is topology.
Check the cluster or firewall object and in the topolgy tab specify your
topology by interface. Remember the networks specfied in the topology are
the one behind that interface that it should protect. Verify the external
interface also.
Hth
lino
What about iPlanet Directory Server, or any server that uses Ldap Protocol?
Best Regards,
Lino Avila
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Reinhard
Stich
Sent: Viernes, 21 de Abril de 2006 12:31 p.m.
To: FW-1-
r yours ends in .9, which is pretty
low. It does not work like a DHCP resevation.
Ray
>From: Lino Eduardo Avila Rodríguez <[EMAIL PROTECTED]>
>Reply-To: Mailing list for discussion of Firewall-1
>
>To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
>Subje
domain. You should use a totally different subnet (different from your
officemode pool) for the ipassignment.conf to work.
Regards,
Ramki
Lino Eduardo Avila Rodríguez wrote:
> I have configured office mode and It works ok, the I edited the
> ipassignment.conf file with one user to test it
D] On Behalf Of sin
Sent: Martes, 18 de Abril de 2006 01:41 p.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: Re: [FW-1] ipassignment.conf
Lino Eduardo Avila Rodríguez wrote:
>
>
> I have tried installing the policy and nothing happens.
>
> The I read somewhere you h
I have tried installing the policy and nothing happens.
The I read somewhere you have to restart de cp services, but I don't know if
it's going to work.
Regards,
_
From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]
Sent: Martes, 18 de Abril de 2006 11:37 a.m.
To: FW-1
Hi all!
When you edit the ipassignment.conf file from the fw modules, do I have to
restart the services??
Best Regards,
Lino
=
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of
Routing is working ok? If you don't reach the firewalls can you reach a hop
before your them?
Have you try uninstalling the default policy of remote firewalls?
Regards,
Lino E. Avila
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On
a de forma permanente de cualquier computadora en la que resida y en
caso de existir, destruya cualquier copia impresa.
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Lino
Eduardo Avila Rodríguez
Sent: Jueves, 06 de Abril de
Hello!
I'm trying to make the firewall ignore non-syn packets for certain
application. The solution nokia and checkpoint provide is to edit the
user.def and add the following line,
deffunc user_accept_non_syn() { dport = 22 };
I'm having an issue with this /$FWDIR/lib/user.def file.
T
Yes I'm using Splat with NGX. Administrating 4 nokia appliances.
Regards,
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Reinhard
Stich
Sent: Jueves, 06 de Abril de 2006 10:46 a.m.
To: FW-1-MAILINGLIST@AMADEUS.US.C
Have you tried downloading the file again? It migh be corrupted? Did you run
a integrity checksum to check if the package is ok?
O maybe running newpkg and select to load the file from the localfilesystem
(option 4)?? You should try to download the package to your local filesystem
and the try aga
You can use lynx
Or iclid. Check the Nokia CLI user guide.
Regards,
Lino E. Avila
La información contenida en el presente correo es confidencial y para uso
exclusivo de la persona o institución a que se refiere. Si usted no es el
receptor deliberado tiene prohibido y podría s
According to nokia, you should change the cadmin password.
"This is expected behavior. When the problem happens, reset cadmin password
by Voyager. So that the member can join the cluster."
Regards,
Lino E. Avila
-Mensaje original-
De: Mailing list for discussion of Firewall-1
[m
You can try using subinterfaces. But your isp router also has to have those
subinterfaces defined.
Cheers,
Lino E. Avila
La información contenida en el presente correo es confidencial y para uso
exclusivo de la persona o institución a que se refiere. Si usted no es el
receptor deliber
Maybe you can try using fw monitor or tcpdump to wether the connection is
reaching your module. Also check the if there are no other device that may
be blocking this type of connection.
Traceroute works fine?
Best Regards,
Lino E. Avila
-Original Message-
From: Maili
I know that if you don't have a valid software subscription will the license
upgrade will fail, might it be the case??
Regards,
Lino
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Adam BE
Sent: Jueves, 23 de Marzo d
You'll have to enable it via smartdashboard. There's a checkbox where you
can enable this.
Best Regards,
Lino E. Avila
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Ramki
Security
Sent: Lunes, 20 de Marzo de 2006 01:50
Yes I have,
I think you should try it again.
Maybe you can try it with a different browser.
Regards
Lino E. Avila
La información contenida en el presente correo es confidencial y para uso
exclusivo de la persona o institución a que se refiere. Si usted no es el
receptor delib
Remember to set up the interfaces with the required bandwidth in your
modules
cheers
Lino E. Avila
[EMAIL PROTECTED]
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of sin
Sent: Jueves, 02 de Marzo de 2006 10:59 a.m.
To: FW-
I had the same problem, I think it's a bug in ngx, I had a SR opened to fix
this issue. The workaround was to upgrade the IPSO to 4.0 and the problem
went away.
Regards,
Lino E. Avila
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED]
Maybe this World help you!
http://pricelist.checkpoint.com/sections/Enterprise.asp
Best Regards,
Lino E. Avila
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Lorenzo
Sent: Martes, 14 de Febrero de 2006 03:10 a.m.
To: FW-1-
Hello Gurus!
Does anyone know any issues related to HFA_17?
Best Regards,
=
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-mailinglist nomail
=
You could use cp_merge with this you can merge both configurations and you
won't loose your previous configurations.
About the upgrade_import I believe you can install anywhere but by default
is in the $FWDIR/bin/upgrade_tools/ directory.
Always is a good practice to backup your configurations b
What OS do you have?
Use Upgrade_export for your management.
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Verweyen,
Dirk
Sent: Jueves, 09 de Febrero de 2006 08:57 a.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: [FW
There are two ways, upgrading the image, you can use IPSO 3.9 or IPSO 4.0.
After that upgrade the CP packages via newpkg or voyager.
Or you can backup the operating system and the perform a clean install,
after that install the OS's backup and then install CheckPoint packages,
obviously you'll lo
: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: Re: [FW-1] cpdb2html fails
No, there's no GUI open. Is it possible the expert login has something to do
with it?
GBrink
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Lino
Ed
Do you have any GUI open? I might fail because of this issue.
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of
Brinkerhoff, Gary
Sent: Viernes, 03 de Febrero de 2006 03:01 p.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subjec
If you are on the management server you can execute the command in any place
but if you connect via GUI you have to extract the files in the
SmartDashboard directory, meaning: C:\Program
Files\CheckPoint\SmartConsole\R60\PROGRAM
cheers
-Original Message-
From: Mailing list for discus
Hello Guys!
What commands should I issue in the firewall to check if the firewall is
perfoming ok?
Best regards,
Lino Avila
=
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the
I have the problem that one module wasn't logging to the management. You can
do a "fwlogswitch" in the module and "fw fetch logs" from the management to
the module.
Cheers
lino
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Ere
I experienced the same problem, this issue has to do with the consolidation
of logs. In the management tab, in the consolidation part, create a new
consolidation session but create a customized session and select the fw.log.
After this it starts to get everything from your log server and after a
wh
martcenter from Windows to Splat Platform
Thanksto everyone who replied...I am assuming that the export/import
retain our licenses repository.
Regards
Lino Eduardo Avila Rodríguez <[EMAIL PROTECTED]> wrote:
Remember to have the same hostname and ip address.
Best regards
-Origi
Remember to have the same hostname and ip address.
Best regards
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Kim
Longenbaugh
Sent: Viernes, 20 de Enero de 2006 10:49 a.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject:
Hey Guys,
Does anyone knows how to create a VPN with PALM OS and CheckPoint?
Best Regards,
Lino
=
To set vacation, Out-Of-Office, or away messages,
send an email to [EMAIL PROTECTED]
in the BODY of the email add:
set fw-1-m
Hi!
I have the following error in the eventia reporter. I installed the reporter
on ngx in a distributed configuration. I installed the policy and everything
worked fine. I log into the GUI it connects to the reporter fine but in the
management section the consolidation session status is N/A or a
I have a service request opened with checkpoint and the engineer told me the
following about IPSO 4.0 about VPN Site to Site.
If you have a cluster with IPSO 4 and a VPN the IP address that is used for
the tunnel is not the external IP as it should be. This will not affect
remote clients because
You can try using srfw monitor
It is located in the bin directory of your securemote installation. Maybe
you can debug your problem with the client.
Best Regards,
Lino E. Avila
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of
ll-1
[mailto:[EMAIL PROTECTED] On Behalf Of Martin Hoz
Sent: Sábado, 17 de Diciembre de 2005 11:36 a.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: Re: [FW-1] license warning
On 12/16/05, Lino Eduardo Avila Rodríguez <[EMAIL PROTECTED]> wrote:
> I have the following warning a
n Hoz
Sent: Sábado, 17 de Diciembre de 2005 11:36 a.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: Re: [FW-1] license warning
On 12/16/05, Lino Eduardo Avila Rodríguez <[EMAIL PROTECTED]> wrote:
> I have the following warning about the license but I'm clueless about it
>
Hi!
I have the following warning about the license but I'm clueless about it
I have a cluster with ngx.
I have the license for SmartCenter Pro and the HA license for the cluster.
Also the securemote licenses for 1000 users.
Warning: Can't find:::CPMP-SMPO-U-NGX in cp.macro. License Version mig
You can add it manually and naming the interface whatever you like except
the names you already have defined in the topology. Remember to set the
antispoofing feature to external.
Regards
Lino E. Avila
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL
Did your virtual routers are the same in both firewalls? Do you have the
rules of vrrp traffic? The time is the same on both? Priorities, check when
you have both firewalls up how many masters do you have maybe the nokias are
fighting for the master and your traffic goes down.
In the cluster setup
Try srfw monitor to see what's happening with your connection. Make sure the
ipsec ports are open from the location you are connecting.
Regards,
Lino E. Avila
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of duncan16v
Sent: Vier
Do you have the smartcenter (management) in your nokia?
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Agüero,
Jose
Sent: Miércoles, 14 de Diciembre de 2005 06:09 p.m.
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: [FW-
check disk space in you management
-Original Message-
From: Mailing list for discussion of Firewall-1
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Sent: 07/12/2005 01:36 p.m.
Subject: [FW-1] Problem with logs
Hi, i have a splat NG R55 Enforcement module and the Smart Center Server
o
I have a cluster on nokia 3.9 and NGX, everything works ok, there is load
sharing with IP Clustering. The problem here is that when I look into the
SmartView Monitor, I keep getting the message: Bad Reply and the Cluster XL
status is Waiting.
I've already applied HFA01. Any thoughts?
Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Lino
Eduardo Avila Rodríguez
Sent: Thursday, December 01, 2005 4:07 PM
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: Re: [FW-1] Web Visualization Tool
Visualization Tool
I saw that but it is not making any since.
Thanks,
JiMS
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Lino
Eduardo Avila Rodríguez
Sent: Thursday, December 01, 2005 3:17 PM
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
t not what I want. Hope this helps!
Thanks,
JimS
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Lino
Eduardo Avila Rodríguez
Sent: Thursday, December 01, 2005 12:50 PM
To: FW-1-MAILINGLIST@AMADEUS.US.CHECKPOINT.COM
Subject: Re:
What is your problem? What are you doing?
Lino E. Avila
[EMAIL PROTECTED]
52651700 ext. 1775
Nextel ID: 52*19746*47
Mobile: 55 24743746
-Original Message-
From: Mailing list for discussion of Firewall-1
[mailto:[EMAIL PROTECTED] On Behalf Of Jim Swecker
Sent: Jueves, 01 de Diciembre de 20
1 - 100 of 152 matches
Mail list logo
