[Dshield] Checkpoint 4.1
joem at nist.gov
Wed Oct 6 16:23:18 GMT 2004
At 02:49 PM 10/5/2004, you wrote:
>Thank guys. Below is the email I sent to their list, just in case a
>Checkpoint wizard lurks around DShield and is feeling generous with his/her
>I am not a FW1 expert. I apologize in advance if I fumble with terminology
>or leave out obviously pertinent information (obvious to an expert).
It's been a while since I worked with 4.1, it's unsupported and did need
some patches. I'm assuming when you moved over the new box you brought
over the ~/database, ~/conf, and Checkpoint recommended the ~/state
directories (although I can't fathom why the state directory is
needed). Your SecuRemote woes could be something simple as not adding a
license for SecuRemote, which is free but needed for it to work. Natting
may also be an issue or it could be something as simple as routing. Maybe
there is no network connectivity between the two boxes. A ping/traceroute
might help in this case. Under 4.1 the client had to point to the box that
held the management station. Since there is nothing in your logs, run
tcpdump somewhere along the path between the two boxes and see what, if
anything, is going on.
Hope this helps....
More information about the list