Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations Chriss Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
Remote Administrator fails after upgrade to NG FP3
- Thread starter Nealehull
- Start date
change it to FW-1_mgmt (port 258)this is what fw-1 uses
you may find that when you went from 4.1 to NG it changed rrom inbound analasys to eitherbound (NG only works in eitherbound) analasys so your admin rule wouldnt have been needed so it worked anyway.
i would also strongly advise changing your rule to
management clients group - firewall - fw1_mgmt - accept
you may find that when you went from 4.1 to NG it changed rrom inbound analasys to eitherbound (NG only works in eitherbound) analasys so your admin rule wouldnt have been needed so it worked anyway.
i would also strongly advise changing your rule to
management clients group - firewall - fw1_mgmt - accept
Actually, on NG the GUI port is 18190 and you should start by making sure that your firewall is listening on this port (use 'netstat -an' to check for TCP port 18190 in LISTEN mode).
Then unload your policy (you should unplug the external interface first to be safe) using the NG command 'fw unloadlocal'.
Now connect your GUI client and make sure that your policy includes the right services in the first rule for admin.
Alternatively, and perhaps more correctly, simply install a good SSH client (I prefer Vandyke SecureCRT, but PuTTY is pretty good now) and port forward port 18190. Connect to the firewall on port 22 (SSH) and then run the GUI to connect to localhost (127.0.0.1). Hey Presto, a secure tunnelled GUI connection *and* you dont need to mess around with the GUI-Clients files.
shaggerTM
(Fascist Security Consultant and all-round nice guy).
Then unload your policy (you should unplug the external interface first to be safe) using the NG command 'fw unloadlocal'.
Now connect your GUI client and make sure that your policy includes the right services in the first rule for admin.
Alternatively, and perhaps more correctly, simply install a good SSH client (I prefer Vandyke SecureCRT, but PuTTY is pretty good now) and port forward port 18190. Connect to the firewall on port 22 (SSH) and then run the GUI to connect to localhost (127.0.0.1). Hey Presto, a secure tunnelled GUI connection *and* you dont need to mess around with the GUI-Clients files.
shaggerTM
(Fascist Security Consultant and all-round nice guy).
- Status
Similar threads
- Locked
- Question
- Locked
- Question
