Set up the remote firewall as a host object. This way, you don't have to
get interface information. Then, install an any/any/any/accept policy to
the host defined object. Once installed, change the object to a gateway
object & get interfaces. Once you have the interfaces, change the policy
to a much, much more restrictive policy. It's a silly way of doing it, but
it should work.
-Mike
|--------+----------------------->
| | Velasquez |
| | Venegas Jaime|
| | Omar |
| | <jaime@ulima.|
| | edu.pe> |
| | |
| | 01/19/2001 |
| | 12:37 PM |
| | |
|--------+----------------------->
>-----------------------------------------------------------------------|
| |
| To: "FW1-MailingList (E-mail)" |
| <[EMAIL PROTECTED]> |
| cc: (bcc: Mike Semaniuk/Triumph) |
| Subject: [FW1] Adding a new Gateway Module (Firewall) to a |
| Managment Server : Fa iled to get interface information |
>-----------------------------------------------------------------------|
We have been trying this situation
-/----TZ----FWA---Internet--------FWB
/ I
Manag I
DMZ
When trying to add a new Gateway Module (Firewall) to a Managment Server ,
"Failed to get interface information" or "Snmp time out" messages pops up.
Checkpoint System Status simply doesn't show the new firewall (FWB) or when
it shows up and we install some policies on FWB , it suddenly breaks
connection between Managmente Module and FWB.
FWB running on NT
Can anyone give us some insight?
TIA
===========================================================================
=====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
===========================================================================
=====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
