Hi! I made a new time-object, used it in a CLM-object and logs were switched fine! Thanks for your advice.
-lari- -----Original Message----- From: Mailing list for discussion of Firewall-1 on behalf of Rajeev Gupta Sent: Wed 1/9/2008 3:09 PM To: [email protected] Subject: Re: [FW-1] Logswitching not working Hi! Lari Luoma Senior Network Security Specialist Mainframe Consulting Oy [EMAIL PROTECTED] +358-45-6576820 www.mainframe.fi -----Original Message----- From: Mailing list for discussion of Firewall-1 on behalf of Rajeev Gupta Sent: Wed 1/9/2008 3:09 PM To: [email protected] Subject: Re: [FW-1] Logswitching not working Reboot would do no good, Lari. I would not recommend it but I would definitely have you bump up the time to logswitch by an hour as the first step for all of the CLM's - even if you do not have HA CMAs but there being an MLM, it would be updating/sync'ng database with MLM - it is known issue, so try this suggestion first and then run 'fw debug fwd on' in your specific CLM env which is failing to switch logs and look at 'fwd.elg' file for some relevant messages indicating the problem - the best for you is to open a ticket w/ Check Point support if you are not very familiar with how to run debugs in P-1 environment. hth, Rajeev On Jan 9, 2008 2:25 AM, Lari Luoma <[EMAIL PROTECTED]> wrote: > Hi! > > Thanks for your reply. Here some more details about the case. > > We are running NGX-R60 and CLMs are configured on MLM that is running > Solaris (the filters are IPSOs). We don't use Management HA (CMA HA or MDS > HA). On the same MDS there are a couple of CLMs where logs are switched > correctly, but on the other CLMs the logswitching is not working. The > configurations are the same. I have restarted the CLMs, but no success. > Maybe I should reboot the MLM... > > -lari- > > > -----Original Message----- > From: Mailing list for discussion of Firewall-1 on behalf of Rajeev Gupta > Sent: Wed 1/9/2008 12:55 AM > To: [email protected] > Subject: Re: [FW-1] Logswitching not working > > one of the reasons could be related to CMA database sync/update with HA > CMA's taking place at the same time when log switch is scheduled - so, you > may like to change the time by an hour, say, 1AM instead of midnight, to > switch logs. Another can be some registry settings that may need to be > removed - another can be simply a bug, if you happen to be at FP2, and > there > can be any number of other factors....... It would have been better if you > had given some more details - what version of P-1/CLMs; are the CLMs > configured out of a MLM or are independent, stand-alone systems???? > ....there are many ideas that can fail logswitching, Lari, but if you had > given more details, it might have helped to narrow down the likely > cause/s. > Here is good suggestion that may help - debug fwd process on the CLM > around > the time logswitch is scheduled. > > hth, > Rajeev > > On Jan 8, 2008 4:06 PM, Lari Luoma <[EMAIL PROTECTED]> wrote: > > > Hey, > > > > Any ideas why automatic logswitching is not working? We have Provider-1 > > environment and automatic logswitch is configured (at CLM-object) to > take > > take place daily at midnight. Still it is not working for some CLMs. The > > configuration is the same for all CLMs, some are working while some are > > not... > > > > -lari- > > > > Lari Luoma > > Senior Network Security Specialist > > Mainframe Consulting Oy > > [EMAIL PROTECTED] > > +358-45-6576820 > > www.mainframe.fi > > > > > > > > > > Scanned by Check Point Total Security Gateway. > > > > > > ================================================= > > To set vacation, Out-Of-Office, or away messages, > > send an email to [EMAIL PROTECTED] > > in the BODY of the email add: > > set fw-1-mailinglist nomail > > ================================================= > > To unsubscribe from this mailing list, > > please see the instructions at > > http://www.checkpoint.com/services/mailing.html > > ================================================= > > If you have any questions on how to change your > > subscription options, email > > [EMAIL PROTECTED] > > ================================================= > > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > > > ================================================= > To set vacation, Out-Of-Office, or away messages, > send an email to [EMAIL PROTECTED] > in the BODY of the email add: > set fw-1-mailinglist nomail > ================================================= > To unsubscribe from this mailing list, > please see the instructions at > http://www.checkpoint.com/services/mailing.html > ================================================= > If you have any questions on how to change your > subscription options, email > [EMAIL PROTECTED] > ================================================= > ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] ================================================= ================================================= To set vacation, Out-Of-Office, or away messages, send an email to [EMAIL PROTECTED] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [EMAIL PROTECTED] =================================================
