Firewall Wizards mailing list archives
Lost DH-key
From: "Joe Ippolito" <joe () joesnet com>
Date: Wed, 2 Feb 2000 10:05:43 -0800
I have had this happen twice now, so it is time to query the group with it. When using skip-method VPNs, renaming of a remote firewall object on a FW-1 management server results in apparently irrecoverable loss of the Diffie-Hellman key. I do this once in a while when moving a firewall from one city to another or to bring the object name up to company standards. There is this peculiar "write" button on the interface that allows you to save a copy of the key. I have not found any way to put the key back in, though. I asked CP support people what it was for and their response was that it allows the key to be used to manually configure a skip-method VPN on another vendor's product. It would not be a big concern, but when it affects a 28-plus node fully-meshed VPN network it means refetching keys and installing policies on all firewalls. Anyone out there ever recover a lost FW-1 DH key?