Okay, I've given up hunting for a solution. Likely I can't even do what I am
trying to do. Here are the facts.
I have a management server version 4.0 build 4094. It is using s/key between
itself and two firewall modules (also version 4.0 build 4094). Everything is
working fine.
I am trying get this management server to communicate with a new firewall
module that was just installed. This new module is running version 4.1 build
41439.
In my initial attempt, I edited the control.map and changed all occurrences
of fwa1 to skey. Then I used on the management server I do: "fw putkey -n
<address of management server> <address of firewall module>" and enter a
password when prompted. On the firewall module I do: "fw putkey -n <address
of firewall module> <address of management server>" and enter the same
password as entered on the management server. This, according to all the
documentation that I can find is all you should need to do.
The only other thing I have tried is to put a NON-ENCRYPTED line in the
firewall modules control.map, on the off chance that this might work. It
does mention to do this on the 4.1 management server to talk to older
firewall modules, so I thought what the heck.
The error that I get when I try to push the policy to this new host is:
Authentication for command load failed
Failed to Install Security Policy on <new firewall>: Unauthorized action
Any help that you can provide would be appreciated.
Am I stuck upgrading my management server to 4.1?
Thanks in advance.
--Jason Murray - 3588 (Mike)
"Our greatest glory is not in never falling, but in rising every time we
fall."
-Confucius
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
