[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] RE: [FW1] Management server connected to multiple networks?
If the firewall is seeing the network A IP of the management station (expected), then the thing to do is to enter that as the IP address to allow on the Network B firewall. Assuming firewall B has a valid route back to network A, you should be set. You could also try NATing the FW control connections destined to the B network with a translate source of the network B interface of the management server (if you have a router handy to do the translation with, or your OS will do that), but option #1 would be easier if it works. Good luck! Dan Hitchcock CCNA, MCSE Network Engineer Xylo, Inc. (formerly employeesavings.com)The work/life solution for corporate thought leaders -----Original Message----- From: Jesse St. Laurent [mailto:[email protected]] Sent: Friday, September 15, 2000 10:12 AM To: [email protected] Subject: [FW1] Management server connected to multiple networks? I currently have a management server that is connected to two networks (A and B). Let's say network A is 10.x.x.x and network B is 192.168.x.x. I have a number of firewalls on the A network that are currently managed with no problems. I am in the process of trying to get a new firewall up on network B and not able to push down a rulebase. I get an authentication failed. The strange thing is that the IP referenced in the authentication failed message is the management consoles IP on the A network. The management server and firewall objects in question all list network B as their primary IP. The firewall in question lists its master as the network B address of the management server. I have redone the putkeys several times and still no luck pushing the policy. Any ideas? Thanks, - Jesse ----------------------------------------------------------- Jesse St. Laurent Corporate Technologies, Inc. www.cptech.com============================================================================ ==== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ============================================================================ ==== ================================================================================ To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================================================
|