[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] NG mgmt server not coming up (not listening on tcp/18190)
Hi folks, NG FP2 on IPSO. Combined FM/mgmt-svr. Supplier delivered the wrong licences, a lone VFM (VPN Firewall Module) instead of a VIG (VPN Internet Gateway), so we had to start this one with an EVAL. Then a 2nd EVAL. With still no sign of correct licences we applied a 3rd EVAL the day the 2nd expired. After bouncing the firewall no management clients could connect. The unit was operating happily as an enforcement point, as you'd expect with the original VFM applied (as below). SecureClients no problem. But the unit was not even listening on tcp/18190, which as a mgmt-svr it'd have to be. The correct VIG arrived miraculously (post some shouting) 'soon', but no combination of licences (all correct now) & restarts can get the mgmt-svr to happen. No other config changes, nor suspicious log messages. It looks, to all intents like it's not starting because it's not licenced, but it is. Has anyone seen this sort of behaviour, and/or have any suggestions on how to start mgmt? Thanks v.much, Ian ===== [email protected] ===== On the bad day: firewall[admin]# cplic print Host Expiration Features A.B.C.D 13Aug2002 CPMP-EVAL-1-3DES-NG CPMP-EVAL-1-3DES-NG ... A.B.C.D 14Jul2002 CPMP-EVAL-1-3DES-NG CPMP-EVAL-1-3DES-NG ... A.B.C.D 19Jun2002 CPMP-EVAL-1-3DES-NG CPMP-EVAL-1-3DES-NG ... A.B.C.D never CPVP-VPS-1-NG CPVP-VSC-25-NG ... A.B.C.D never CPVP-VFM-25-3DES-NG ... Tidy (though not working) now: firewall[admin]# cplic print Host Expiration Features A.B.C.D never CPVP-VPS-1-NG CPVP-VSC-25-NG ... A.B.C.D never CPVP-VIG-25-3DES-NG CPVP-VPS-1-NG ... firewall01[admin]# netstat -a|grep tcp tcp 0 0 *.ssh *.* LISTEN tcp 0 0 *.256 *.* LISTEN tcp 0 0 *.257 *.* LISTEN tcp 0 0 *.259 *.* LISTEN tcp 0 0 *.262 *.* LISTEN tcp 0 0 *.264 *.* LISTEN tcp 0 0 *.265 *.* LISTEN tcp 0 0 *.https *.* LISTEN tcp 0 0 *.900 *.* LISTEN tcp 0 0 *.1095 *.* LISTEN tcp 0 0 *.1096 *.* LISTEN tcp 0 0 *.1097 *.* LISTEN tcp 0 0 *.1098 *.* LISTEN tcp 0 0 *.1099 *.* LISTEN tcp 0 0 *.1100 *.* LISTEN tcp 0 0 *.18183 *.* LISTEN tcp 0 0 *.18184 *.* LISTEN tcp 0 0 *.18187 *.* LISTEN tcp 0 0 *.18191 *.* LISTEN tcp 0 0 *.18192 *.* LISTEN tcp 0 0 *.18209 *.* LISTEN tcp 0 0 *.18210 *.* LISTEN tcp 0 0 *.18231 *.* LISTEN tcp 0 0 *.18264 *.* LISTEN [...] ================================================= To set vacation, Out Of Office, or away messages, send an email to [email protected] in the BODY of the email add: set fw-1-mailinglist nomail ================================================= To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ================================================= If you have any questions on how to change your subscription options, email [email protected] =================================================
|