Quote:
Originally Posted by Danielpb  So 10.10.2.2 is the smart center (windows management station).
On this windows box access the dos prompt box and run cpstart..this will start the checkpoint services. or tell you if they have already started.
You also have to confirm where the mgmt sit's in relation to the firewall and where you connecting from, as your firewall policy might be preventing comms.
Quite basic stuff to be fair.... |
I agree this is basic stuff, that is why I'm Frustrated!! I've already run cpstart on the management server and it tells me it's already running!
If i'm already VNC'd onto the management station then surely I'm not going throughthe ACTUAL ENFORCEMENT MODULE anyway?
So, as far as I can see
1. I'm already connected to the managment station via vnc
2. If I open CPconfig then I can see that my local address 10.10.2.2
is defined as a gui client
3. Checkpoint services ARE running on this machine
4. When I run the GUI client FROM the management server, that is when I get the message about making sure the server is up and running
5. there are some other addresses defines as gui clients
Now these addresses should try and connect via the managment servers natted address. Hwoiever when I try and connect to the public address
from theinternet i get the following error
THE CONNECTION HAS BEEN REFUSED DUE TO ONE OF THE FOLLWING SMARTCENTER SERVER CERTIFICATE PROBLEMS:
1.THE SMARTCENTER SERVER CLOCK IS NOT SETUP PROPERLY
2.THE CERTIFICATES ISSUE DATE IS LATER THAN THE DATE OF THE SMARTCENTER SERVER'S CLOCK
3.THE GUI CLIENT'S CLOCK AND THE SMARTCENTER SERVER'S CLOCK ARE NOT SYNCHRONISED
4. THE CERTIFICATE HAS EXPIRED
5. THE CERTIFICATE IS INVALID
6. I AM VERY VERY CONFUSED, THIS IS HIGHLY ILLOGICAL!!!