In fact, the name has not been changed, just the IP address, which, I think, negates the need to regenerate the certificate. Please correct me if I am wrong.
Policy has been pushed to all endpoints successfully. Any ideas anyone ? On 07/10/05, Neil Kemp <[EMAIL PROTECTED]> wrote: > Thats the only item I have not done, regenerated the certificate - I > could not remember whether that was necessary. Topology changes have > been made, and checked, and checked ! > > Will do it now. > > On 07/10/05, Jon Still <[EMAIL PROTECTED]> wrote: > > Neil Kemp wrote: > > > > > Both are Nokia Firewalls, and controlled by the management station at > > > the central site. The remote sites IP address has changed, we have > > > changed its IP on the firewall object, on the Nokia, and the hostname > > > it resolved to, but now when you try and connect over the vpn, it says > > > there is no valid SA, refer to sk19423 - > > > > Have you changed the topology settings on the firewall object as well as > > the main address? Also, if you've changed the name have you regenerated > > the firewall's certificate? The other gotcha I find when making a > > change like that is to remember to push the policy to the remote > > endpoint(s) of the VPN too otherwise it'll have no knowledge of the > > firewall that has moved IP. > > > > Hope this helps! > > Jon. > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
