 | ||
 SIC name error when fetching after ngx upgrade on Win2003 | ||
| CPUG | |
| The Check Point User Group | |
| A Resource For The Check Point Community. Fast. Useful. Independent. | |
|
| |||||||
 |
| | LinkBack | Thread Tools | Display Modes |
 2005-11-10 | |||
| |||
 SIC name error when fetching after ngx upgrade on Win2003 We are in the process to upgrade our SmartCenter from NG to NGX. We upgraded the Smartcenter Server to NGX (HFA-1 + Backward Compatibility package for R55 Gateway) We are able to push new rules from SmartDashboard but when we want to fetch rules from the gateway(NG) using the "fw fetch" command we get the folowing error: Management rejected fetch for this module - sic name does not match. Gateway Config: Solaris 9 + HFA-12 Old SmartCenter: Win2000 SP4 Fully Patched + NG HFA-12 New SmartCenter: Win2003 SP1 Fully Patched + NGX HFA-01 + Backward Compatibility Package for R55 Gateway GUI client: WinXP SP2 + NG HFA-1 + NGX with no HFA Steps Taken: 1-SmartCenter:Upgraded lisences before upgrade from the "fetch from file" button in cpconfig interface 2-Cpstop on SmartCenter+used "upgrade_export.exe" from NGX CD-Rom 4-Configure new SmartCenter Server with new hardware new OS(Win2003Sp1) and the same IP than the old Server 5-Install NGX SmartCenter using "imported configuration" (Used upgrade tools from the CD) 6-Reboot+Install HFA-1+Install Backward Compatibility Package+Reboot 7-Start SmartDashBoard from GUI and push succefully rules 8-Login on gateway and try to fetch using "fw fetch" command and get the sic error 9-Reset sic on gateway using the cpconfig menu (See SK30579)-get the same error 10-Compared sic in registry (See SK30579) and its ok 11-Reset sic on the SmartCenter using "fwm sic_reset" command(See SK13176 + SK14532)-get the same error 13-Already tested upgrade with Smartcenter on WIn2000 SP4+NGX and it works fine. The problem seems only to be there when using imported configuration with a Win2003 Server SmartCenter  |
| 2005-11-10 | |||
| |||
| Re: SIC name error when fetching after ngx upgrade on Win2003 Have tested theses configurations too: Fresh Solaris 9 Install as a NGX Gateway + Fresh Win2003SP1 NGX SmartCenter with brand new rules --> No SIC error --> Then use "upgrade_import" to import our config and then the SIC error get back even if we reset sic on both sides. We also got the same problem in the past when we tried to upgrade NG SmartCenter From NT4 to 2003 and finally Give up and only upgraded to Win2000 Last edited by jeepee; 2005-11-13 at 20:45. |
| 2005-11-17 | |||
| |||
| Re: SIC name error when fetching after ngx upgrade on Win2003 Again, just a quick thought, but I noticed you said the new server had the same IP address. Did you make sure the name was the same? The Check Point CA is built from the hostname of the server. If that was not the same, there would definitely be SIC problems... __________________ ==================== Aaron Vivo CCSE Plus, CCMSE, NSA ==================== |
| 2005-11-17 | |||
| |||
| Re: SIC name error when fetching after ngx upgrade on Win2003 Yes, same name. And the SIC is ok in the registry of the gateway and the management. I'm currently with CheckPoint for the issue but don't find anything at this moment. |
| 2005-11-17 | |||
| |||
| Re: SIC name error when fetching after ngx upgrade on Win2003 My only thought would have been to do the sic_reset but you have already done that. Guess you could try doing the sic_reset and also resetting the SIC on the enforcement module at the same time. |
|
| Thread Tools | |
| Display Modes | |
| |
Linear Mode
