That was exactly the problem. I fixed the fwstart and fwstop and everything
seems alright now. Except for the fact that Manual IPSec appears to be
broken in SP3. I had to upgrade to SP2 instead..
Many thanks to all who answered.
=====================================================================
Joseph Voisin, Systems and Network Administrator, Engel Canada Inc.
www.engelmachinery.com | [EMAIL PROTECTED] | (519)836-0220 x436
=====================================================================
-----Original Message-----
From: Kohichiroh Watanabe [mailto:[EMAIL PROTECTED]]
Sent: Monday, February 05, 2001 11:49 PM
To: [EMAIL PROTECTED]
Subject: Re: [FW1] 4.1 SP0 - 4.1 SP3 upgrade on AIX 4.3.3
Hi,
I found applying SP3 overwrite fwstart and fwstop script as original.
Did you check "no -o ipforwarding=x" configuration in fwstart & fwstop
script?
I installed Firewall-1 v4.1 Sp3 /w AIX 4.3.3 maintenance level 6 on my
RS/6k
and seems no trouble.
It seems no problem to skip service pack in current Firewall-1 versions
but to
avoid the problem it's better install service pack in order.
SP1 of AIX version is inside of Checkpoint2000 CDROM.
I found another problem in starting snmpd. in fwstart script(same in all
un*x
version),
+264 if ($dosnmp) then
+265 echo 'FireWall-1: Starting snmpd'
+266 if ( $aix ) then
+267 nohup /usr/sbin/snmpd -p 260 > /dev/null
+268 else
Calling snmpd using -p option but AIX's snmpd doesn't support such
option.
regards.
/* IBM Japan,Ltd. */
/* IGS, e-Business Enablement Services / ERS-J */
/* Koichiro Watanabe */
From: "Joe Voisin (FW1)" <[EMAIL PROTECTED]>@lists.us.checkpoint.com on
2001/02/06 05:03 AM
Please respond to "Joe Voisin (FW1)" <[EMAIL PROTECTED]>
Sent by: [EMAIL PROTECTED]
To: "FW1 List (E-mail)" <[EMAIL PROTECTED]>
cc:
Subject: [FW1] 4.1 SP0 - 4.1 SP3 upgrade on AIX 4.3.3
I attempted to perform the SP3 upgrade on the weekend with absolutely no
luck. The install appeared to run fine, but nothing would work afterwards.
Encryption between sites failed.
Site A:
RS/6000 B50 / 512Mb RAM / 6 Ethernet Ports.
AIX 4.3.3.01
Checkpoint Firewall-1 4.1 SP0 (Version pre Checkpoint 2000)
Enterprise Encryption Center
Site B:
RS/6000 B50 / 512Mb RAM / 2 Ethernet Ports.
AIX 4.3.3.01
Checkpoint Firewall-1 4.1 SP0 (Version pre Checkpoint 2000)
Firewall Module
I have read that there is no way to upgrade the version of FW-1 that I have
and that I will have to uninstall it and reinstall CP 2000.
My installation method was the standard as described in the release notes.
The install goes without a hitch, it completes successfully, but nothing
works. When I reject the update (installp -r) everything returns to normal
and communications are working.
Any Ideas? Anyone?
According to Checkpoint (don't know why I bother to call) it should work
and
I should not have any problems... I had the same problems with SP2.
Joe
=====================================================================
Joseph Voisin, Systems and Network Administrator, Engel Canada Inc.
www.engelmachinery.com | [EMAIL PROTECTED] | (519)836-0220 x436
=====================================================================
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
============================================================================
====
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
============================================================================
====
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================
