IP change on interface

pop_alex · #1 (**permalink**) 2006-01-08

Hi,

I'm going to change the public IP on our external interface of firewall to a new one. I'm aware if I change it, I have to update and re-install the policies accordingly in order it to take an immediate effect. Any other things that I should look into before proceed with this?

Thanks.

Lackie · #2 (**permalink**) 2006-01-09

If your license is bound to the external IP address you will have to get it changed to the new IP address.

herrmadbeef · #3 (**permalink**) 2006-01-09

just in case refresh ur topology

pop_alex · #4 (**permalink**) 2006-01-10

Thanks,

What about changing the hostname? Is it ok by just refreshing the network topology after applied?

Regards.

Lackie · #5 (**permalink**) 2006-01-10

If you change the hostname of the management station, you will have to reset sic with all of your firewalls as this is based on hostname.

pop_alex · #6 (**permalink**) 2006-01-10

Quote:

Originally Posted by Lackie

If you change the hostname of the management station, you will have to reset sic with all of your firewalls as this is based on hostname.

No. I'm not going to change the hostname of management station. Only the enforcement server.

Lackie · #7 (**permalink**) 2006-01-10

Sorry, mis-understood. If you change the hostname of the enforcement point, you will have to reset sic on to that enforcement point.

pop_alex · #8 (**permalink**) 2006-01-10

Quote:

Originally Posted by Lackie

Sorry, mis-understood. If you change the hostname of the enforcement point, you will have to reset sic on to that enforcement point.

Yeap! Correct! :)

pop_alex · #9 (**permalink**) 2006-04-10

Oh! By the way, if I want to change IP of management server, I need to reset SIC on enforcement servers as well. But, will it disrupt the firewall operation ? If I'm not mistaken, it will restart the firewall services after reset via CPCONFIG.

kva.kva · #10 (**permalink**) 2006-04-10

It is not necessarily to do cprestart right now, you can do it later. You cannot to establishe SIC after reset until you do "cprestart" and you module will be use old policy from your SmartCenter.

RayPesek · #11 (**permalink**) 2006-04-11

I thought that since SIC is SSL-based, that you do not have to reset it for an IP address change, just a name change.

BTW, don't forget to update the HOSTS file on the SmartCenter and enforcement module for the IP address change.

Ray

olumide · #12 (**permalink**) 2006-06-01

Quote:

Originally Posted by pop_alex

Hi,

I'm going to change the public IP on our external interface of firewall to a new one. I'm aware if I change it, I have to update and re-install the policies accordingly in order it to take an immediate effect. Any other things that I should look into before proceed with this?

Thanks.

I am looking to do the same thing, Have you had a solution yet

Thread Tools
Show Printable Version Email this Page
Display Modes
Linear Mode Switch to Hybrid Mode Switch to Threaded Mode