Firewall Wizards mailing list archives

Authentication Failure


From: "Joe Ippolito - President SVNPA" <joe () joesnet com>
Date: Thu, 19 Mar 1998 16:05:12 -0800

Some time ago we installed the enterprise version of Firewall-1 on NT 4.
Recently I tried to install two more firewall-only modules and get
authentication failures.  The error message in the remote server's event 
log is: "Log authentication with <ip address of management server> failed". 
The error message in the management server's event log is: "Authentication 
with <management server> for command log failed".  When I try to install a 
security policy from the GUI client I get:  "Authentication for command 
load failed; Failed to Install Security Policy on <remote firewall>: 
Unauthorized action".

Another strange thing that happens is that when I try to connect to the 
management server/firewall with a GUI client on the outside I get the 
eternal loading objects screen.  If I install an ANY ANY ANY rule on the 
firewall I can then load objects at the remote GUI client.  Even after I 
put the previous policy back in I can still get in remotely several times 
before I get the eternal loading objects screen.

The IP address of the remote firewall is in the configuration at the 
management server, the master IP address is in the configuration for the 
remote, and the passwords match.  Both machines have NT SP 3 and all 
hotfixes.  Firewall-1 build is 3045b, no VPN or DES.

The applicable lines of our control.map are:

MASTERS: stat,getkey,gettopo/none                            */fwa1
CLIENT: load,db_download,fetch,log/fwa1                             */none
*: stat,getkey,gettopo/none    unload,ioctl,load,db_download/deny    */fwa1

Is */fwa1 appropriate?

Any ideas/suggestions would be greatly appreciated.



