I have had nothing but problems after upgrading to 4.1 SP2. So far CP has not been
any help in solving the problems. My major issue is that I have a distributed
enterprise with an unlimited firewall and a management server on different machines,
then 3 remote firewall modules, all of which are 25 node licenses (all Strong VPN) -
all NT.
I am now having a "too many host" problem with the remote 25 node firewalls.
Everything looks right, external.if, etc..
What I see when doing an 'fw lichosts" is the interface name is only 4 characters,
rather than the 5 or six it should be. This looks ambiguous to me. It lists the ip
address backwards following the host: keyword in the output. And of course it is
logging every IP that it sees, including remote network addresses coming in through
the VPN, public IP's on the external and the internal addresses.
If I run 'fw ctl iflist' the output shows the correct interface names. They are
correct in the gateway object etc... It looks as though the only place where they are
screwed up is in the output of the lichosts command. But obviously it's screwed up
somewhere else or I wouldn't have the "too many hosts" problem.
BTW, two of these are NEW 4.1 SP2 installations. One was prevously 4.0 SP4 without
these problems. Now all THREE have the same problem.
Anyone have similar problems or a clue as to what's going on?
I also get errors in the event log like these:
The description for Event ID ( 1 ) in Source ( FW1 ) could not be found. It contains
the following insertion string(s): \Device\FW1, copyin: failure copying 56 bytes from
0xF71FF6B8-->.
I've seen some other reference to this type of event log entry here on the list, but
nothing so far from Checkpoint!
David Hassilev, CCSE (FWIW)
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
