have you tried running tcpdump against the interface the traffic is
coming from on the splat box ? might give some clues.
ian
-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Erik A.
Widholm
Sent: 27 October 2004 12:54
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Lost ssh access to SPLAT firewall!
I lost ssh access to our FW-1 box (R55 FHA_09) a few days ago, and
cannot get it back.
The source IPs for the connection have not changed!
Additional details:
1. the management station used to be able to ssh to the FW1 module, but
is no longer capable of doing so 2. the FW1 module used to be able to
ssh to the management station, but is no longer capable of doing so 3.
the FW1 module shows sshd running (ps -ef)
Very perplexing....
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
NOTICE: This e-mail is intended for the named recipient(s). It may contain
privileged and/or confidential information. If you are not one of the intended
recipients, please notify the sender immediately and destroy this e-mail and
attachment(s): you must not copy, distribute, retain or take any action in
reliance upon the email or attachment(s). While all reasonable efforts are made
to safeguard inbound and outbound e-mails, OAG Worldwide Ltd and its affiliate
companies cannot guarantee that attachments are virus-free or are compatible
with your systems, and does not accept liability in respect of viruses or
computer problems experienced. Thank you.
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
