CPUG: The Check Point User Group

Resources for the Check Point Community, by the Check Point Community.


Tim Hall has done it again! He has just released the 2nd edition of "Max Power".
Rather than get into details here, I urge you to check out this announcement post.
It's a massive upgrade, and well worth checking out. -E

 

Results 1 to 7 of 7

Thread: Network behind FW1 not working after adding license

  1. #1
    Join Date
    2009-06-24
    Posts
    3
    Rep Power
    0

    Default Network behind FW1 not working after adding license

    Recently, we changes our ISP and hence the FIXED IP sets for firewall and network became different. I have re-issued the FW1 license from Checkpoint user-center, and have successfully ADDED on to the existing license (old IP set still valid and working). After making all changes on Network object, Interface and Rule plus changing the ip address for NIC then rebooted. The FW1 can gain internet access ok and DNS1 (192.168.0.1) & DNS2 (192.168.0.2) also got internet access, however only these 2 servers (DNS1&2) along with hundred others are behind this FW1.

    Can anyone help to see what might be our problem? Thanks

  2. #2
    Join Date
    2006-07-28
    Location
    San Francisco, USA
    Posts
    2,494
    Rep Power
    16

    Default Re: Network behind FW1 not working after adding license

    If you're changing IP addresses, then double-check routing, NAT, and any proxy ARP you may have.

  3. #3
    Join Date
    2007-04-10
    Location
    India
    Posts
    232
    Rep Power
    13

    Default Re: Network behind FW1 not working after adding license

    licensing will not create this type of problem please check you logs in tracker if you are still unable to get the resolution check through TCPDUMP tool, or for NATTING issue you can check in fw monitor, use fw monitor in critical issue only it increases the load on cpu.

  4. #4
    Join Date
    2009-06-24
    Posts
    3
    Rep Power
    0

    Default Re: Network behind FW1 not working after adding license

    Quote Originally Posted by northlandboy View Post
    If you're changing IP addresses, then double-check routing, NAT, and any proxy ARP you may have.
    I'v checked and modified all the Network Objects and Interfaces in the System Policy with the new IP addresses. Except for the ARP, where about do i modify the ARP routing? I'm using WinNT4.1 and if needed I can upload the draft network diagram for further study.

    But if the routing is incorrect, when 2 of my servers are able to gone thru?

  5. #5
    Join Date
    2006-07-28
    Location
    San Francisco, USA
    Posts
    2,494
    Rep Power
    16

    Default Re: Network behind FW1 not working after adding license

    Quote Originally Posted by hk_batman View Post
    I'm using WinNT4.1
    Are you seriously using NT?

  6. #6
    Join Date
    2009-06-24
    Posts
    3
    Rep Power
    0

    Default Re: Network behind FW1 not working after adding license

    Quote Originally Posted by gavvys View Post
    licensing will not create this type of problem please check you logs in tracker if you are still unable to get the resolution check through TCPDUMP tool, or for NATTING issue you can check in fw monitor, use fw monitor in critical issue only it increases the load on cpu.
    That's good to know, so i don't need to remove my previous license. Thanks

  7. #7
    Join Date
    2007-04-10
    Location
    India
    Posts
    232
    Rep Power
    13

    Default Re: Network behind FW1 not working after adding license

    Quote Originally Posted by hk_batman View Post
    Recently, we changes our ISP and hence the FIXED IP sets for firewall and network became different. I have re-issued the FW1 license from Checkpoint user-center, and have successfully ADDED on to the existing license (old IP set still valid and working). After making all changes on Network object, Interface and Rule plus changing the ip address for NIC then rebooted. The FW1 can gain internet access ok and DNS1 (192.168.0.1) & DNS2 (192.168.0.2) also got internet access, however only these 2 servers (DNS1&2) along with hundred others are behind this FW1.

    Can anyone help to see what might be our problem? Thanks
    tell me one thing, if you are changing the IP address, then why you are using the previous IP address, remove that IP and remove the licence related to that IP also.
    Why you are using so old OS and what the version of Checkpoint.Change all that to latest things.

Similar Threads

  1. Adding a static Route to remote network
    By mdalton in forum Topology Issues
    Replies: 6
    Last Post: 2009-05-26, 13:33
  2. Adding license in production environment
    By archie100 in forum Licensing
    Replies: 8
    Last Post: 2009-01-25, 02:07
  3. Bulk adding routes, is it possible? (Also, network definitions in Dashboard)
    By JohnMH in forum Check Point SecurePlatform (SPLAT)
    Replies: 4
    Last Post: 2008-12-12, 09:37
  4. Adding New Network Card R61
    By prasanth_ch in forum Installing And Upgrading
    Replies: 1
    Last Post: 2008-03-04, 04:31
  5. Adding a network for secureclient access
    By bspreston in forum SecureClient/SecuRemote
    Replies: 6
    Last Post: 2007-09-24, 04:33

Tags for this Thread

Bookmarks

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •