Manualshelf

Troubleshooting guide

ManualsBrandsBay Networks ManualsComputer equipmentBayRS
41424344454647484950
Chapter 4 Troubleshooting Routers and Embedded Systems VPN-1/FireWall-1 configuration for a Nortel (Bay Networks) BayRS router
Advanced Technical Reference Guide 4.1 June 2000 37
wfRFwallGroup.wfRFwallLocalHostIpInt.0 = 0
wfRFwallGroup.wfRFwallVersion.0 = 2
wfRFwallGroup.wfRFwallHmemMin.0 = 50000
wfRFwallGroup.wfRFwallHmemMax.0 = 100000
wfRFwallGroup.wfRFwallLogHostIpBkp1.0 = 0.0.0.0
wfRFwallGroup.wfRFwallLogHostIpIntBkp1.0 = 0
wfRFwallGroup.wfRFwallLogHostIpBkp2.0 = 0.0.0.0
wfRFwallGroup.wfRFwallLogHostIpIntBkp2.0 = 0
When the connection timed out while trying to install policy
1. Check the communications from the management station to the router. Make sure you can ping the router
from a DOS Prompt using the IP address.
2. Next, check to see if you can ping the router using the name described for the object in the Network Object
Manager. On Windows NT, the “hosts” file is located under \winnt\system32\drivers\etc\hosts. Check to
see if the name in this file can be resolved.
3. If you still have problems downloading a Rule Base, try and synchronize the secret keys between the Check
Point Management Station and the Nortel (Bay) Router as follows:
On the router, type in
fwputkey <secret key> <IP Address of Check Point Management Station>
On the management station
fw putkey <secret key> <IP Address of Router>
4. The fw bload command could be used to compile and install the security policy on the embedded
module. You can use this command from the command line.
Command’s syntax:
fw bload [inspect-file | rule-base] target...