RE: [FW1] NATing the Management Server
Let me try to help here...

You can license the mgmt station under the invalid address. However, you will need to do the following to get authentication between the Mgmt server and the remote FW module working:

Assuming you are starting fresh...

0. do an $FWDIR/bin/fwstop on the remote fw module and mgmt module

1. on the fw module:
   - edit $FWDIR/conf/masters file and add the invalid IP of the management module
   - edit $FWDIR/lib/control.map file; copy the MASTERS line and paste a new line above existing MASTERS line; rename "MASTERS" to the invalid IP of the management server
   - do an $FWDIR/bin/fw putkey -p <pass> <mgmt valid ip> <mgmt invalid ip>

2. on the management:
   - edit $FWDIR/clients file and add the IP of the remote module
   - do an $FWDIR/bin/fw putkey -p <pass> <fw module ip>

3. - do an $FWDIR/bin/fwstart on mgmt module
   - do an $FWDIR/bin/fwstart on fw module

...make sure not to use the "-n <ip>" option when doing the "fw putkey"...else things won't work...

If you are not starting fresh... you may need to remove some files; because re-doing putkeys doesn't work at times... ;)

...also, I don't remember if you also need the valid IP of the mgmt station on the fw module's $FWDIR/conf/masters file or not...

Hope this helps...

Amin Tora
ePlus Technology
http://www.eplus.com

-----Original Message-----
From: David [mailto:[email protected]]
Sent: Monday, January 08, 2001 1:13 PM
To: [email protected]
Subject: [FW1] NATing the Management Server

I have an external FW module in a different office and I want it to report to a management server in another office. They have no logical connection other than the internet.

I would assign the FM server a valid IP address as its master, then NAT it to my internal management server. I would assign the management server with an invalid IP address and register the license.

As long as I open the proper ports, would this be a problem? Or MUST I use a valid IP address on the Management Server?

Look forward to hearing from someone! Thanks a lot!

David

================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================