TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ---------------------------------------------------------------------------- There were some problems with this. If I remember correctly it works w/ FW-1 4.0 but not 4.1, or something like that. Anyway, if you contact ISS support they know all about it and can help you further. Alex F [EMAIL PROTECTED] -----Original Message----- From: Filip Sneppe [mailto:[EMAIL PROTECTED]] Sent: Wednesday, July 19, 2000 12:17 PM To: [EMAIL PROTECTED] Subject: RealSecure 3.2 & FW-1 OPSEC problem TO UNSUBSCRIBE: email "unsubscribe issforum" in the body of your message to [EMAIL PROTECTED] Contact [EMAIL PROTECTED] for help with any problems! ---------------------------------------------------------------------------- Hi, I am experiencing some problems trying to get RealSecure to talk to a Checkpoint FW-1 4.1 via OPSEC in a test environment. The Realsecure console and network engine are on the same (NT) computer. The Firewall-1 GUI, management station and firewall engine are also on one NT host. I am basically following the steps described in the "Using RealSecure to Configure Check Point FireWall-1" tech note. The FW PUTKEY on the FW-1 appears to be successful, as is the opsec_putkey on the RealSecure machine: C:\Program Files\ISS\RealSecure 3.2>opsec_putkey 10.0.0.1 Enter secret key: Again secret key: OPSEC: Received new control security key from 10.0.0.1 Authentication with 10.0.0.1 initialized However, as soon as the Realsecure detects an attack and it is supposed to undertake an OPSEC action, I get a "SamSendAction Failed to send action for host ..." high priority message on the console. I have followed the troubleshooting/debugging steps described in the tech note (starting the network engine from a command prompt) and there seems to be an OPSEC related problem. When I start the network engine from the command prompt and set the debugging level to 3, I get: C:\Program Files\ISS\RealSecure 3.2>network_engine.exe Reloaded The General Configurations for the Engine. RealSecure Starting. Product Version '3.2.1999.350' error in opsec_connect Reloading user defined strings into finders. Opening Adapter "[1] Compaq Netelligent 10/100 TX PCI UTP Network Adapter". Using driver version "3.1.1999.124". When the RealSecure is supposed to be contacting the FW-1, I get: Send Firewall request: 172.20.8.1 SamSendAction Failed to send action for host: 172.20.8.1 Send Firewall request: 172.20.8.1 SamSendAction Failed to send action for host: 172.20.8.1 I did't capture any network traffic between the RealSecure box and the FW-1. As described in the tech note, I rebooted the FW-1 to make sure (also rebooted the RealSecure), but to no avail. Any help on this would be greatly appreciated. Also, I am thinking about reinstalling the TCP/IP protocol on the RealSecure machine and reapplying an NT service pack, but I don't know if the RealSecure installation has modified anything to the NT TCP/IP stack that will be broken by a protocol reinstall... -Regards, Filip
RE: RealSecure 3.2 & FW-1 OPSEC problem
Filacchione, Alex (ISSAtlanta) Wed, 19 Jul 2000 09:45:31 -0700
- RealSecure 3.2 & FW-1 OPSEC problem Filip Sneppe
- RE: RealSecure 3.2 & FW-1 OPSEC pr... Gregor Munro
- Filacchione, Alex (ISSAtlanta)
