 Re: cpconfig
Hi Humayun,
You don't have the option for 'Secure Internal Communication' via cpconfig when it is a managment install.
This is because it is typically reset at an enforcement module, then re-established using the GUI connected to the management server.
This is why I'm sure that you have a managment install or standalone (enforcement module and management on the same box). The fact that there is a Certificate Authority confirms this.
You may have to reconfigure the install if you only want this box to be an Enforcement Module only for example.
Don't issue the 'fwm sic_reset' command on the Management Server if you are managing multiple firewalls and do not want to reset SIC on all of them. Invoking this command will basically though up a warning text and y/n prompt which you should read and understand before accepting.
If you have one problem firewall, it's much better to go to the command prompt and run through the Secure Internal Communication command from cpconfig.
Hope that helps. |