Troubleshooting guide
Chapter 5 Troubleshooting Open Security Extension 3COM routers: Problem Resolution and Debugging
Advanced Technical Reference Guide 4.1 • June 2000 46
3COM routers: Problem Resolution and Debugging
Common problems resolution for 3Com Routers
Cannot get logs from the router
See the SecureKnowledge Solution (ID: 10022.0.527050.2411096) in the Check Point Technical Services site
Error message while trying to install new license (only for 4.1)
See the SecureKnowledge Solution (ID: 10043.0.4395816.2572453) in the Check Point Technical Services site
OSE does not work when Anti Spoofing is set to other+
See the SecureKnowledge Solution (ID: 10043.0.6958228.2640175) in the Check Point Technical Services site
Debugging of 3Com Routers
To verify whether the VPN-1/FireWall-1 installed the Access List correctly on the router you can use router
commands:
First, run the following command in order to list the current filters:
Show –fw filters
Second, run the following command using the name of the relevant access list (which you retrieve when using
the first command) in order to show the content of the filter.
When having trouble installing the access list from the VPN-1/FireWall-1 GUI you could use the following
command from command line (on the VPN/FireWall management module):
router_load -3com
Syntax
router_load -3com <router> <conf file> <user name|XXX|PROMPT>
<password|XXX|PROMPT> <enable password|XXX|PROMPT> [-command <command>]
The conf file is the router.cl file in the conf directory. This file doesn’t exist when configuring the
router network object on the VPN-1/FireWall-1 GUI. You can create this file by installing the Access list from
the GUI (when the router is not connected to the VPN/FireWall management module).