[FW1] FW1 v4.0 SP1 GUI erases pre-shared secrets

Sun, 28 May 2000 06:55:13 -0700 


Does anyone know of a fix or workaround for the
below problem which I am also experiencing?
(my environment is FW1 v4.0 SP1, SR4153 3DES)

----------------------------------------------

Giorgio Paolucci <[EMAIL PROTECTED]> on 02/12/99 18:34:30

To:   [EMAIL PROTECTED]
cc:    (bcc: Mike Anning/WEY/EU/CHEP)
Subject:  [FW1] FW1-4.0 GUI erase user shared secret....

Hello all,
I configured a FW1 on an NT server 4.0 SP4, I applied FW1 SP4 also. My
client have to connect to a server behind the firewall using securemote
(release 4117) with IKE (ISAKMP) encryption method from PCs with NT
workstation 4.0. I decided to user shared secret method for key
exchange. Everything works but I found two big problems:

1) When I remove a user from a group and install user database all
shared secred of all users get lost!!

2) If I set a location restriction for each users (I would like to allow
a user to connect to my server only from his PC) it works for some time,
then the firewall denies the access. To solve the problem I have to
remove the location restriction (i.e. I put "Any" as source in the user
properties, apply the policy, put the IP of the PC in the source field
and apply the policy again).
Any ideas? The first problem is really bad. I can't retype 200 shared
secrets.....
Thankyou all.
Best regards,

     Giorgio Paolucci

-----------------------

Forum:     Firewall-1 (Admin)
 Date:        Jan 11, 11:26 
 From:       Mat mat 

Hi,

I had a strange problem managing pre-shared secret field for
Securemote users with FW-1 4.0. Two times until now, about half of the
users have lost their pre-shared secret. I mean that the firewall
server seems to lost all those pre-shared secret and then I see
messages like "no pre-shared secret defined for that user" in the
logs. I had to reenter manually the pre-shared secret for that users.
I've noticed that there was nothing ( no "***" ) stored in the field.


 





__________________________________________________
Do You Yahoo!?
Kick off your party with Yahoo! Invites.
http://invites.yahoo.com/


================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================

Reply via email to