An addition to this note:
the local.arp will need to be changed to the new external MAC address
for all static routes
you will want to clear the ARP cache on your upstream connection to
enable traffic to flow correctly
I just went through this.
Todd S. Everett, CCSE, CNE, MCSE
Senior Network Consultant
Infoware, Inc.
847-825-5500 x108
[EMAIL PROTECTED]
Sent by: To:
[EMAIL PROTECTED]
[EMAIL PROTECTED] cc:
kpoint.com Subject: Re: [FW1]
Which Connfiguration files do I
Need
08/04/2000 10:06 AM
Phoneboy's FAQ -- http://www.phoneboy.com/fw1/ -- lists the following
files as those which need to be backed up/moved to restore or transfer a
system. I have transfered my Firewall 1 configuration/policies between
Solaris 2.6 servers by moving these files. So in answer to your question,
transfer any of these which are not already identical:
On the mangement console, this is:
$FWDIR/conf/fw.license
$FWDIR/conf/objects.C
$FWDIR/conf/*.W
$FWDIR/conf/rulebases.fws
$FWDIR/conf/fwauth.NDB*
$FWDIR/conf/fwmusers
$FWDIR/conf/gui-clients
$FWDIR/conf/product.conf
$FWDIR/conf/fwauth.keys
$FWDIR/conf/serverkeys.*
On the firewall module, this is:
$FWDIR/conf/fw.license
$FWDIR/conf/product.conf
$FWDIR/conf/masters
$FWDIR/conf/fwauth.keys
$FWDIR/conf/product.conf
$FWDIR/conf/smtp.conf
$FWDIR/conf/fwauthd.conf
$FWDIR/conf/fwopsec.conf
$FWDIR/conf/product.conf
$FWDIR/conf/serverkeys.*
You should also modify any file you may have modified in $FWDIR/lib. If you
are going to be upgrading, it is not wise to copy an older version of one
of these files over a newer version. If you are running Windows NT and
doing static address translation, also backup $FWDIR/state/local.arp.
Matt Ruehlen
Network Operations Supervisor
ELF Technologies, Inc.
Voice: 206 770 4034
Fax: 206 728 5654
"Robert Kuhlig"
<[EMAIL PROTECTED]> To:
[EMAIL PROTECTED]
Sent by: cc:
[EMAIL PROTECTED] Subject:
[FW1] Which Connfiguration files do I Need
kpoint.com
08/04/00 04:12 AM
hi
we are using two systems with a fw1 4.0 on a sun machine. they are
identical
except the different IP addresses.
I have created a new rule base (old Objects) and passed an acceptance test.
No I have to install the new rule base in the live system. Therefore I
changed the IP addresses of all objects (after saving my old configuration
files in the conf directory).
My question is now which files do I have to copy to the live net conf
directory.
Only livent.W and (new) object.C ?
Any others ?
Any files in other directories then /conf ?
Thanks for help
Rob
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
