Re: [FW-1] ipassignment.conf problem

Subject:	Re: [FW-1] ipassignment.conf problem
From:	Chris Hoff <choff AT CORNERSTONESECURITY DOT COM>
To:	FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Date:	Wed, 28 Apr 2004 14:56:52 -0500

I have seen in the past were the last line of the file actually has to contain 
a <CR>. You might try editing the ipassignment.conf file and placing one after 
util2

Regards,

Chris

-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST AT 
AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of RISPAL Yannick - NTR ( YRispal AT 
nanterre.sema.slb DOT com )
Sent: Wednesday, April 28, 2004 11:56 AM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] ipassignment.conf problem

Since a couple of days I try to implement "ip per user"  for remote acces vpn 
user with office mode. The office mode feature seen to operate correctly, my 
users retrieved one ip address from the office mode ip pool define. 
Nevertheless my users never get the ip address define in the ipassignment.conf 
in the $FWDIR/conf directory on my firewall module. Until today, my firewall 
module and the smartconsole were R54 release. I have upgraded both of them to 
R55 to see if this would resolve the problem... It don't. But now I have the 
possibility to check the syntax of my file with "vpn afile_check 
ipassignment.conf detail"
"vpn afile_check ipassignment.conf err" and "vpn afile_check ipassignment.conf 
warn".

My ipassignment.conf :

#
# file: ipassignment.conf
#
# Gateway   Type     IP Address     User Name
# ======   =====  ==========  ===================
*                 addr     12.0.0.4,         util1
*                 addr     12.0.0.5,         util2

Here are the results of these commands :

[conf]# vpn ipafile_check ipassignment.conf err Reading file records...
[conf]# vpn ipafile_check ipassignment.conf warn Reading file records...
[conf]# vpn ipafile_check ipassignment.conf detail Reading file records...
Line 0001 is a comment (starts with #)
Line 0002 is a comment (starts with #)
Line 0003 is a comment (starts with #)
Line 0004 is a comment (starts with #)
Line 0005 is a comment (starts with #)
line 0006 is OK.  User="util1"
line 0007 is OK.  User="util2"
Could not read line 8 in conf file - maybe EOF

So, it seem that there is no problem but I don't know if the last line is good 
or not. For me, line 8 in ipassignment.conf doesn't exist (file stop at line 
7). So I don't understand the last line and don't know if It's the cause of the 
problem. If someone can help and give me the right on the ipassignment.conf 
file ( owner and right in fact ) I could also check that point on my server.

Thanks,





Yannick Rispal
Network Engineer
Atos Origin
64 rue du 8 mai 1945
92025 Nanterre Cedex
France
Mail :  <mailto:yannick.rispal AT atosorigin DOT com>
mailto:yannick.rispal AT atosorigin DOT com

Ce message et les pièces jointes sont confidentiels et réservés à l'usage 
exclusif de ses destinataires. Il peut également être protégé par le secret 
professionnel. Si vous recevez ce message par erreur, merci d'en avertir 
immédiatement l'expéditeur et de le détruire.
L'intégrité du message ne pouvant être assurée sur Internet, la responsabilité 
du groupe Atos Origin ne pourra être recherchée quant au contenu de ce message. 
Bien que les meilleurs efforts soient faits pour maintenir cette transmission 
exempte de tout virus, l'expediteur ne donne aucune garantie à cet égard et sa 
responsabilité ne saurait être recherchée pour tout dommage résultant d'un 
virus transmis.


=================================================
To set vacation, Out-Of-Office, or away messages, send an email to LISTSERV AT 
amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your subscription options, email 
fw-1-owner AT ts.checkpoint DOT com 
=================================================

=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================

<Prev in Thread]	Current Thread	[Next in Thread>
[FW-1] ipassignment.conf problem, RISPAL Yannick - NTR ( YRispal AT nanterre.sema.slb DOT com ) Re: [FW-1] ipassignment.conf problem, Chris Hoff <= Re: [FW-1] ipassignment.conf problem, Ray Pesek

Previous by Date:	Re: [FW-1] GUI connection errors, Rob Laidlaw
Next by Date:	[FW-1] Using Office Mode from behind additional firewall interface = Tunnel Test failed (-121)., Geoff Brisbine
Previous by Thread:	[FW-1] ipassignment.conf problem, RISPAL Yannick - NTR ( YRispal AT nanterre.sema.slb DOT com )
Next by Thread:	Re: [FW-1] ipassignment.conf problem, Ray Pesek
Indexes:	[Date] [Thread] [Top] [All Lists]