I'm running two FW-1s in parallel on identical Sun E250s running Solaris 7.
Current FW-1 version is Version 4.1 Build 41814 [VPN + DES + STRONG]. I
followed CP's guidelines for setting up state synchronization between the
two firewall modules (sync.conf on each, fwputkey on both, etc). I thought
I was running synchronized, but now I'm not sure. I ran fw ctl pstat on
both firewalls and got:

    sync old ver working
    sync out: on sync in: off

Snooping the interface for the private network I use between the firewalls
and the management module shows traffic being exchanged. But if state info
is being shared between the two FWs, then why doesn't pstat show sync out
and sync in both on?
Any insight would be appreciated.
TIA,
Dan
-----------------------------------------------------------------------------
Daniel R. (Dan) Dunn, EE
Principal INFOSEC Engineer, GRC Int'l (an AT&T company)
OSD-ITD Firewall Administrator
p: 703-614-8086, ext 500
The opinions expressed by the author are entirely his own, and do not
reflect those of AT&T, GRCI, Inc., or their subsidiaries, nor do they
reflect policy, opinion, or endorsement by the US Department of Defense or
any of its agencies.