[Youngy]

Hi all,

As you may know I have been having a hell of time getting logging to work consistently on an inherited CP install.

Basically the symptoms are that if you make a policy\object change and push\install the policy the logging from the firewall enforcement stops. The setup is distributed and the management server manages multiple enforcement points.

To get logging to work again I have found that I can do so by:
1. Turn off logging under the properties for the enforcement point object and apply the policy change
2. Turn logging back on under the properties and push the policy again.

Then at that stage you can see logging occurring once again under the tracker.

So far I have applied the latest HFAs to both the enforcement point and management server. The issue remains.

I feel it may be something to do with how the distribution is set up. For example the management machine (windows server) has three bindings on the one NIC. The primary binding and two others obviously.

If the enforcement point can see the primary NIC binding there is no issue, however if the enforcement point sees the management server via one of the other bindings the issue occurs. Now I am suspicious that this is part of the issue.

Has anyone else had any experience like this?

Thanks