Hi Alan,
There was just a discussion on this a few days ago. It seems that starting with FP3, Check Point removed that option by default, no longer listing the gateways. They have a KB article that gives a dbedit change you can make to restore this functionaility.
However there seems to be a catch: Due to some security enhancements in FP3 and later, it's apparently possible to get a mismatch between the rulebase and the user database if you use "install database". If you have a user listed in a rule and install the database only after having deleted that user for whatever reason, it's apparently possible that the the firewall won't start.
Ray
From: Alan Baker <[EMAIL PROTECTED]> Reply-To: Mailing list for discussion of Firewall-1 <[EMAIL PROTECTED]> To: [EMAIL PROTECTED] Subject: [FW-1] User Database Management Date: Thu, 8 Jul 2004 12:29:12 +0100
We've just upgraded from 4.1 to NG AI (R55) HFA_04. Management and Firewall are on separate Solaris boxes.
Previously I'm fairly certain we were able to modify User Accounts (for VPN) and just (re-)install the user database. Now it seems like we have to (re-)install/push the policy as well.
Has there been a change here somewhere?
I ask, because the User Admin is normally done by another administrator who doesn't normally need full write access to the rule base etc. So I give him a customised permissions profile that only allow access to the User database.
Alan
_______________________________________________________________________
The information in this email is confidential. It is intended solely for the addressee. Access to this email by anyone else is unauthorised. If you are not the intended recipient, any disclosure, copying, or distribution is prohibited and may be unlawful. If you have received this email in error please delete it immediately and contact [EMAIL PROTECTED] _________________________________________________________________
This e-mail has been scanned for all viruses by Star Internet. The service is powered by MessageLabs.
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
_________________________________________________________________ FREE pop-up blocking with the new MSN Toolbar – get it now! http://toolbar.msn.click-url.com/go/onm00200415ave/direct/01/
================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
