[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [FW1] Encryption - can you please explain
[ The following text is in the "iso-8859-1" character set. ]
[ Your display is set for the "US-ASCII" character set. ]
[ Some characters may be displayed incorrectly. ]
Well, the painless method to make this work is have the encryption license
for both fw module and the management console.
This will make you able to exchange info between the mgmt and the firewall
module using fw* encryption.
If you have a fw module w/ encryption and a mgmt module w/o it, you MUST
hack your control.map to turn off encryption between the modules and use
s/key authentication between them.
I strongly recommend encryption module on both, suggestions different than
mine are welcome!
Best wishes,
Aylton Souza
Security Consultant
CCSA/E/I
Hitech - Brazil
-----Mensagem original-----
De: sirving@ca.ibm.com <sirving@ca.ibm.com>
Para: Peter Schwalger <pschwalger@cardinal.co.nz>
Cc: fw-1 <fw-1-mailinglist@lists.us.checkpoint.com>; Peter Schwalger
<pschwalger@cardinal.co.nz>
Data: Segunda-feira, 29 de Março de 1999 10:12
Assunto: Re: [FW1] Encryption - can you please explain
>
>I "believe" you have to buy encryption for the management station. I have
>tested the same scenario in the lab with aix but I haven't had the time to
>really research it. Doesn't your reseller know??
>
>
>
>
>"Peter Schwalger" <pschwalger@cardinal.co.nz> on 03/28/99 06:52:21 PM
>
>Please respond to "Peter Schwalger" <pschwalger@cardinal.co.nz>
>
>To: "fw-1" <fw-1-mailinglist@lists.us.checkpoint.com>
>cc: "Peter Schwalger" <pschwalger@cardinal.co.nz> (bcc: Stuart
> Irving/Markham/IBM)
>Subject: [FW1] Encryption - can you please explain
>
>
>
>
>
>
>Hi,
> I posted a similar message a few weeks ago but got no response and
>need
>some help as Im in the dark as to what I need to set up encryption.
>
>I have two firewalls (both NT4.0 SP3) which I manage from a Management
>server.
>Firewalls are Checkpoint FW1 ver3.0b patch 3072.
>
>Im looking at establishing both a VPN and/or securemote sessions from one
>of
>the firewalls but when I went to define a rule for the encryption domain
>that the encryption properties under the action field are not valid options
>(grayed out).
>
>The firewall I am trying to set up the VPN & securemote to is licensed for:
>
>CPFW-FM-U firewall module
>CPFW-ENC-FWZ1 encryption module
>
>
>The management server is licensed for:
>
>CPFW-ESC-U enterprise security console
>
>Do I need to purchase encryption for the Management server to make this
>work?
>
>Peter.
>
>
>
>
>===========================================================================
>=====
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>===========================================================================
>=====
>
>
>
>
>
>
>===========================================================================
=====
> To unsubscribe from this mailing list, please see the instructions at
> http://www.checkpoint.com/services/mailing.html
>===========================================================================
=====
>
================================================================================
To unsubscribe from this mailing list, please see the instructions at
http://www.checkpoint.com/services/mailing.html
================================================================================