Firewall Wizards mailing list archives
Authentication Failure
From: "Joe Ippolito - President SVNPA" <joe () joesnet com>
Date: Thu, 19 Mar 1998 16:05:12 -0800
Some time ago we installed the enterprise version of Firewall-1 on NT 4. Recently I tried to install two more firewall only modules and get authentication failures. The error message in the remote server's event log is: "Log authentication with <ip address of management server> failed". The error message in the management server's event log is: "Authentication with <management server> for command log failed". When I try to install a security policy from the GUI client I get: "Authentication for command load failed; Failed to Install Security Policy on <remote firewall>: Unauthorized action". Another strange thing that happens is that when I try to connect to the management server/firewall with a GUI client on the outside I get the eternal loading objects screen. If I install an ANY ANY ANY rule on the firewall I can then load objects at the remote GUI client. Even after I put the previous policy back in I can still get in remotely several times before I get the eternal loading objects screen. The ip address of the remote firewall is in the configuration at the management server and the master ip address is in the configuration for the remote and the passwords match. Both machines have NT SP 3 and all hotfixes. Firewall-1 build is 3045b no VPN or DES. The applicable lines of our control.map are: MASTERS: stat,getkey,gettopo/none */fwa1 CLIENT: load,db_download,fetch,log/fwa1 */none *: stat,getkey,gettopo/none unload,ioctl,load,db_download/deny */fwa1 Is */fwa1 appropriate? Any ideas/suggestions would be greatly appreciated.
Current thread:
- Authentication Failure Joe Ippolito - President SVNPA (Mar 20)