Nokia Network Security Solutions Handbook

The following Frequently Asked Questions, answered by the authors of this book, are designed to both measure your understanding of the concepts presented in this chapter and to assist you with real-life implementation of these concepts. To have your questions about this chapter answered by the author, browse to www.syngress.com/solutions and click on the "Ask the Author" form.
| Q. | I installed NG FP1 Primary Management Module on a Nokia appliance, but I can't log in with the Check Point NG management clients. What am I doing wrong? | |
| A. | Your management clients must be on the same build as your management module. Verify that your IP address is listed in the gui-clients file and upgrade your management clients to FP1. | |
| Q. | I just upgraded one of my 4.1 firewall modules to NG, and it's not able to fetch a policy. What can I do? | |
| A. | Verify that you have changed the module's version to NG in its workstation object and that you have initialized SIC. You might have to push the policy the first time after an upgrade. | |
| Q. | I keep receiving the error "h_slink: link already exists." Is something wrong? | |
| A. | This message is listed in the release notes, which states that it can be safely ignored. | |
| Q. | During firewall-to-firewall IKE negotiations, the Check Point NG FP2 firewall changes the subnet mask to something other than what I had configured. This was causing the VPN to fail. What... |