[VPN] Checkpoint NG FP3 and Firewall Module
friedberg at comets.com
Sun May 11 16:41:31 EDT 2003
I hope you have enterprise level Checkpoint support available. Personally, I would recommend you research alternatives to NG. I personally suspect those letters really mean Not Good (quality of support, code, etc). Just my 2 cents.
I have been involved with similar types of issues (FP3 upgrade failed, thereafter the system is fundamentally unstable, can't apply FP2 paches, can't upgrade to FP3).
I wonder if it is just the cluster with a management station that has these problems, or if they are more widespread. Interestingly enough, the FW to FW VPN seems to work well...
Have you looked into a Cisco PIX? Or, if you are technically capable, would IPTables/Netfilter (Linux) or BSD IPFilter work for you? with FreeSWAN for VPN? or CIPE?
BTW, is this a SecuRemote question? If not, you should join FirewallWizards or similar and post there; there are probably more people who are FW1 experts.
From: Dain . [mailto:area_20%hotmail.com at fwd.com]
Sent: Friday, May 09, 2003 10:34 AM
Subject: [VPN] Checkpoint NG FP3 and Firewall Module
I have recently installed a Checkpoint cluster and a Management machine
running NG FP3 but by accident installed the Firewall module onto the W2K
box as well as the management clients. We only noticed this when the
firewall wouldn't log to the admin box.
We have managed to stop the firewall process on the management PC and the
logging now works OK. The question is, is there any way of removing the
firewall component whilst just leaving the management clients, or do we need
to completely re-install the box ? If we can remove the process, how would
you recommend backing up the config ?
Thanks in advance for any light you could shed on this .....
Stay in touch with absent friends - get MSN Messenger
VPN mailing list
VPN at lists.shmoo.com
More information about the VPN