fw unloadlocal , does SIC check out good? When you try to install a policy what
error(s) do you see. Are you getting logs from this module?
-GS
-----Original Message-----
From: Mailing list for discussion of Firewall-1 [mailto:FW-1-MAILINGLIST AT
AMADEUS.US.CHECKPOINT DOT COM] On Behalf Of Crist Clark
Sent: Monday, July 24, 2006 3:51 PM
To: FW-1-MAILINGLIST AT AMADEUS.US.CHECKPOINT DOT COM
Subject: [FW-1] Bad Anti-Spoof Recovery
I have an enforcement module that appears to have a "bad"
policy installed. That is, it feels that traffic coming in
from the management server is spoofed. So how does one
install a corrected policy on this system? Obviously, you
cannot push a policy, but sometimes traffic originating from
the firewall itself gets through the anti-spoofing, so I
thought a,
# fw fetch <master>
Might work, but I no. So then I tried,
# fw ctl uninstall
To kill the anti-spoofing, but the fetches would still fail.
What is a procedure to "reaquire" a module that has incorrectly
decided the management server is spoofing?
--
Crist J. Clark crist.clark AT globalstar DOT com
Globalstar Communications (408) 933-4387
B¼information contained in this e-mail message is confidential, intended only
for the use of the individual or entity named above. If the reader of this
e-mail is not the intended recipient, or the employee or agent responsible to
deliver it to the intended recipient, you are hereby notified that any review,
dissemination, distribution or copying of this communication is strictly
prohibited. If you have received this e-mail in error, please contact
postmaster AT globalstar DOT com
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
=================================================
To set vacation, Out-Of-Office, or away messages,
send an email to LISTSERV AT amadeus.us.checkpoint DOT com
in the BODY of the email add:
set fw-1-mailinglist nomail
=================================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
=================================================
If you have any questions on how to change your
subscription options, email
fw-1-owner AT ts.checkpoint DOT com
=================================================
|
