RE: [FW1] FW: 3rd NIC card problem

davidxs Fri, 02 Jun 2000 11:43:45 -0700

Hello All,

Thanks for all of the replies regarding adding additional NICs to a FW box.
Unfortantly I haven't been able to get it to work yet... The new interface
fails to show up in "route print" in NT meaning NT isn't recognizing the new
NIC. (interface IP (new NIC) 127.0.0.1)

All NICs have seperate subnets assigned to them so I know that isn't a
problem, and traffic flows normally through the other main internal and
external NICs just fine. I was hoping that adding the NIC wouldn't be as
intrusive as reinstalling FW-1, but it looks like that is the course to
take...

What eddy lists below in backing up directories... Is that all?? I have seen
other posts saying to back up more... Is there anything in a directory, when
put back after reinstall that would effect the new install negatively in the
sense that a new NIC is now in place...The posts below states that all *.W,
*.pf, *.C, and rulebases.fws should be copied and the same SP be in place
when building a new firewall with the same rules, etc...

Is there any real difference between building a new firewall to take
another's configuration and re-installing fw-1 on a box after adding a new
NIC in terms of what is need to be copied in the fw directory after install?

David



Previous Posts on FW migrations ---------------------------


Make sure the FW's are at the same level and the same SP before you try this
or you'll have issues.

Mike

> -----Original Message-----
> From: James Otts [SMTP:[EMAIL PROTECTED]]
> Sent: a iae 30 2000 23:35
> To:   Troy Fontenot
> Cc:   [EMAIL PROTECTED]
> Subject:      RE: [FW1] Copying a rule base from one firewall to another
>
>
> Yup... I believe you just need *.W, *.pf, *.C, and rulebases.fws
>
> James
>
> >  -----Original Message-----
> > From:       Troy Fontenot [mailto:[EMAIL PROTECTED]]
> > Sent:       Tuesday, May 30, 2000 4:31 PM
> > To: [EMAIL PROTECTED]
> > Subject:    [FW1] Copying a rule base from one firewall to another
> >
> > Is it possible to copy a rule base and the objects from one firewall to
> > another if they are both running at the same version and service pack
> > level?  If so, which files do I need to copy?
> >
> >
> > Troy Fontenot



-----Original Message-----
From: [EMAIL PROTECTED]
[mailto:[EMAIL PROTECTED]]On Behalf Of Eddy
Chien
Sent: Thursday, June 01, 2000 1:12 PM
To: [EMAIL PROTECTED]
Cc: [EMAIL PROTECTED]
Subject: RE: [FW1] FW: 3rd NIC card problem



Hi Sunny,

Did you re-install FW-1 after adding the new network card?  Because FW-1
needs to put inspect module between protocol stack and NIC driver.  You will
need to re-install FW-1 after making any changes to the network card.

The proper procedure for adding / removing network card or even applying
service pack is:
1. Backup your fw configuration: basically the winnt\fw\conf and
winnt\fw\state directories.
2. Make what ever changes you need.
3. Re-install Fw-1.
4. Copy the two directories mentioned above back.


Hope this helps



eddy chien


>From: Sunny Kwan <[EMAIL PROTECTED]>
>To: [EMAIL PROTECTED]
>CC: [EMAIL PROTECTED]
>Subject: RE: [FW1] FW: 3rd NIC card problem
>Date: Thu, 1 Jun 2000 19:26:40 +0800
>
>No, I don't mean that. What I mean is: there should be only one default
>gateway for the NT server itself. Take for example:
>NIC 1 - ip 10.1.1.1 mask 255.255.255.0 (no default gateway)
>NIC 2 - ip 192.168.1.1 mask 255.255.255.0 (no default gateway)
>NIC 3 - ip 207.133.4.50 mask 255.255.255.0 default gateway 207.133.4.254
>(your router)
>So the whole server have only one default gateway then it can find way out.
>
>Sunny Kwan
>Infrastructure Manager, renren.com
>Home for the global Chinese family -
>http://www.renren.com <http://www.renren.com/>
>
>-----Original Message-----
>From: [EMAIL PROTECTED] [mailto:[EMAIL PROTECTED]]
>Sent: Thursday, June 01, 2000 7:08 PM
>To: Sunny Kwan
>Subject: RE: [FW1] FW: 3rd NIC card problem
>
>
>Let me see if I understand this:  the new NIC has an address on the same
>subnet as one of the existing cards?  If so - how do you expect NT to make
>routing decisions to use the card?  To my knowledge, it is impossible for
>NT
>to act as a bridge.
>
>  -----Original Message-----
>From:                  davidxs [mailto:[EMAIL PROTECTED]]
>Sent:                 Thursday, June 01, 2000 12:06 AM
>To:                 Fw-1-Mailinglist
>Subject:                 [FW1] FW: 3rd NIC card problem
>
>
>Hello All,
>
>I am trying to put a 3rd NIC into my FW 4.0 without success. After
>installing the driver for the NIC sucessfully for NT, the FW will not allow
>traffic through its external interface. I have tried adding the the new
>interface to the FW object without sucess as well. The new card has an IP
>address of the the same class C internally but obviously a different
>specific IP from other the internal NIC.

________________________________________________________________________
Get Your Private, Free E-mail from MSN Hotmail at http://www.hotmail.com



============================================================================
====
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
============================================================================
====



================================================================================
     To unsubscribe from this mailing list, please see the instructions at
               http://www.checkpoint.com/services/mailing.html
================================================================================
RE: [FW1] FW: 3rd NIC card problem

Reply via email to
