Your best bet is to follow the instructions in the *management* upgrade
guide, upgrade_mgmt_srvr.pdf. You can find it if you poke around CP's
documentation. You will, of course, need a login. My guess is that you did
not migrate the registry properly, or that you changed hostname and/or IP
address. This is all covered in that guide.
Good luck!
Regards,
Matt Goddard
Security Information Team
Schneider National, Inc.
|---------+-------------------------------------------->
| | Stig Bull |
| | <stig.bull AT HUGINONLINE DOT COM> |
| | Sent by: Mailing list for |
| | discussion of Firewall-1 |
| | <FW-1-MAILINGLIST AT AMADEUS.US DOT CHEC|
| | KPOINT.COM> |
| | |
| | |
| | 12/29/2004 01:31 AM |
| | Please respond to Mailing list |
| | for discussion of Firewall-1 |
|---------+-------------------------------------------->
>----------------------------------------------------------------------------------------------|
|
|
| To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
|
| cc:
|
| Subject: [FW-1] upgrade_export
|
>----------------------------------------------------------------------------------------------|
I'm upgrading from NGFP3 (IPSO and a single SPLAT box) to NG AI R55.
First to go is the management server which currently is a Windows 2000
box.
I've already upgraded the mgmt server to AI and it works fine
afterwards, but I want to get rid of Windows and install it as a SPLAT
mgmnt server instead.
Q1: So just to make sure I understand this correctly, I run an
upgrade_export and FTP the files to a server, "trash" the Windows box
and install SPLAT on it, FTP the files back and then run upgrade_import
and everything is fine again? I know this is in theory, but....?
Q2: Will this process also import all licensing information or do I need
to reinstall the licenses?
Q3: Will I need to push the policy on the modules after upgrading, the
upgrade_guide.pdf document on p37 says this; I pushed the present W2K
R55 policy to a less important firewall, and while everything seems ok,
the following errors appears in the log:
Dec 28 13:38:34 FW [LOG_CRIT] kernel: set_timeout_to_MSPI_by_methods:
not in MSPI_by_Methods Dec 28 13:38:34 FW [LOG_CRIT] kernel:
set_timeout_to_MSPI_by_methods: not in MSPI_by_Methods Dec 28 13:38:53
FW [LOG_CRIT] kernel: FW-1: fw_runfilter: wrong number of arguments (0
!= 2) to function gtp_path_code (58) Dec 28 13:38:53 FW [LOG_CRIT]
kernel: FW-1: fw_runfilter: wrong number of arguments (0 != 2) to
function gtp_path_code (58)
Has anyone seens these? The pre_upgrade verifier tool just gave some
informational messages about some of the files which might have to be
manually edited after the upgrade.
--
Stig Bull
System Administrator, Hugin ASA
http://www.hugincorporate.com
Phone: +47 22 80 79 89 Mobile: +47 91 60 88 74 Fax: +47 22 80 79 79
- Your reputation connects through Hugin
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
