Re: [fw-wiz] Check Point NG FP3 HF2 on Solaris 5.8

To the OP: Did you happen to (oops!) put in a rule that stops the
management server from talking to the managed firewall? (or accidentally
take out one that allows it?)


________________________________

From: firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxxxx
[mailto:firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxxxx] On Behalf Of
Robert D. Hughes
Sent: Thursday, August 02, 2007 2:22 AM
To: Firewall Wizards Security Mailing List; Firewall Wizards
Security Mailing List
Subject: Re: [fw-wiz] Check Point NG FP3 HF2 on Solaris 5.8



Disclaimer: sorry for the top post, I'm stuck in OWA right
now...


FWD won't help with the policy install. In NG, FWM on the
manager talks to CPD on the firewall. FWD was only used pre-NG for
policy installs. Debug those two process to find out what's happening.
You might also try:

fw fetch <manager>

and see if that tells you anything useful.

Regards,
Rob


-----Original Message-----
From: firewall-wizards-bounces@xxxxxxxxxxxxxxxxxxxxx on behalf
of Robby Cauwerts
Sent: Wed 8/1/2007 6:00 PM
To: Firewall Wizards Security Mailing List
Subject: Re: [fw-wiz] Check Point NG FP3 HF2 on Solaris 5.8

On 7/20/07, Robert Fenech <robertfenech@xxxxxxxxx> wrote:
>
> Hi,
>
> I am encountering a problem when it comes to install a policy
on an NG FP3
> HF2 firewall running on an old Solaris 5.8 machine.
>
> Primarily when the policy is about to be installed I get the
message
> "Failed to install policy. Please make sure that Firewall-1
services are
> running...".
>
>

Try a cprestart or cpstop/cpstart on the fw module ( be aware of
the impact
on your traffic/remote mgmt of the fw!).
And then try to push the policy again a few times.

If this doesn't solve the problem try to debug cpd and fwd
(check CP
knowledgebase or post a reply).

Br.
Robby



_______________________________________________
firewall-wizards mailing list
firewall-wizards@xxxxxxxxxxxxxxxxxxxxx
https://listserv.icsalabs.com/mailman/listinfo/firewall-wizards

Relevant Pages

  • problem solved (was Re: failing to share internet access between two PCs installed with Debian 3.1)
    ... It turns out that I forgot to install the DNS ... firewall settings of the entire network. ... > Chain FORWARD (policy DROP) ...
    (Debian-User)
  • Re: New Install. Any advice?
    ... gateway (Computer Associates Secure Content Manager) It is on my DMZ. ... the firewall just for the secure content manager to talk the exchange server? ... >> Anyone have some good advice or things to watch for during install? ...
    (microsoft.public.exchange2000.setup.installation)
  • Re: [fw-wiz] Check Point NG FP3 HF2 on Solaris 5.8
    ... FWM on the manager talks to ... FWD was only used pre-NG for policy installs. ... I am encountering a problem when it comes to install a policy on an NG ... If this doesn't solve the problem try to debug cpd and fwd (check CP ...
    (Firewall-Wizards)
  • [fw-wiz] Check Point NG FP3 HF2 on Solaris 5.8
    ... I am encountering a problem when it comes to install a policy on an NG FP3 ... HF2 firewall running on an old Solaris 5.8 machine. ...
    (Firewall-Wizards)
  • SQL Server 2000 MSDE and XP sp2 problem
    ... After installing Windows XP SP2, a new problem was created in Enterprise ... manager. ... be "Do not install XP Service Pack 2 if you are running MS-SQL Server". ... Have also tried turning off the XP firewall -- both by using the interface, ...
    (microsoft.public.sqlserver)