This is a really dumb question but, I am running Checkpoint 2000 SP5. I need to change the password for outside users coming into VPN. I see "checkpoint configuration" in the programs section, but it doesn't have a VPN tab. I think i need to access it by using voyager? My question is, how to I access voyager? I put the IP address of the firewall in my browser, no luck.... Thanks in advance!
Tek-Tips is the largest IT community on the Internet today!
Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!
-
Congratulations gkittelson on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!
n00b question
- Thread starter tek777
- Start date
Im not a VPN expert so cant help you with that past
but i may be able to help with the voyager problem.
try usig https instead of http to the ip address
if that doesnt work
check a rule exists that allows http or https from your machine to the firewall
but i may be able to help with the voyager problem.
try usig https instead of http to the ip address
if that doesnt work
check a rule exists that allows http or https from your machine to the firewall
- Thread starter
- #3
Well, i dont even know how to view the rules. I think i need the client piece on my PC. I have the disk, but I am not sure what program. I just started at this company, and someone else who knew checkpoint worked here before me. Even when I am on the server, i dont see how to view the rules, there is no programs installed except one for allowing me to configure interfaces, etc. Maybe i need to install something on the server too to view the rules?
Thanks!
Thanks!
You need to install the Policy Editor software on a management station / PC that will connect to the management platform. You cannot configure firewall rules on the Nokia box itself. Once into the Policy Editor you will be able to reset users passwords by editing the users settings in the User Manager part of the Policy Editor.
In order to allow a PC to connect to the management station you will need to run cpconfig on the Nokia at the command line and add a GUI Client IP address and an Administrator.
If you don't know Firewall-1/VPN-1 then you are going to need some training. It's nothing like configuring Sonicwalls or Watchguards or anything like that. It's serious stuff.
Chris.
**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************
In order to allow a PC to connect to the management station you will need to run cpconfig on the Nokia at the command line and add a GUI Client IP address and an Administrator.
If you don't know Firewall-1/VPN-1 then you are going to need some training. It's nothing like configuring Sonicwalls or Watchguards or anything like that. It's serious stuff.
Chris.
**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************
- Thread starter
- #5
Could i just install something off the CD right one the server? The box is actually a Windows 2000 Server, not nokia, I do have a nokia IP300 at another site. Yea, I am getting up to speed on this, because I took over for someone else.
I have 2 CDs, one says Checkpoint 2000 and the other is SP5 for checkpoint. I am guessing it would be on one of these 2 CDs.
I will try to do training, but right now users cannot VPN in
Ooops
I have 2 CDs, one says Checkpoint 2000 and the other is SP5 for checkpoint. I am guessing it would be on one of these 2 CDs.
I will try to do training, but right now users cannot VPN in
OoopsWhen you talked about accessing it via Voyager I presumed that this was a Nokia (Voyager being the web based management interface for the Nokia series firewalls).
Anyway, if it's on a Win2K box then you would normally have the policy editor installed, but if not you can install it off the setup disk.
'CheckPoint Configuration' is the same as cpconfig so this is where you would define management IP addresses and firewall administrators etc.
Chris.
**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************
Anyway, if it's on a Win2K box then you would normally have the policy editor installed, but if not you can install it off the setup disk.
'CheckPoint Configuration' is the same as cpconfig so this is where you would define management IP addresses and firewall administrators etc.
Chris.
**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************
- Thread starter
- #7
ha ha, OK sorry to confuse you I am very new to checkpoint, I do have voyager running at the other site on a Nokia IP300. I do have the GUI to elect a workstation to access the server, I just do not have the original disk I dont think. We have a license, but I am taking over for a network admin, and having trouble finding stuff. I have a 506e on order to replace this firewall. The VPN on the pix seems confusing, I may use microsoft VPN to start out. Anyway thanks for your help!
Brian
I am very new to checkpoint, I do have voyager running at the other site on a Nokia IP300. I do have the GUI to elect a workstation to access the server, I just do not have the original disk I dont think. We have a license, but I am taking over for a network admin, and having trouble finding stuff. I have a 506e on order to replace this firewall. The VPN on the pix seems confusing, I may use microsoft VPN to start out. Anyway thanks for your help!Brian
- Thread starter
- #8
OH, I forgot to tell you, I fixed the VPN. What i did to fix it was to delete the Database.NDB. Users could then magicly log in.
This is stupid, but i need to make an entry to add an FTP server, but again I cant access the rules base. I gotta figure out what file is associated with the program I need.
I did install some software on the server, It asked me Username, Password and Server. I put the username and password in of the admin, and put the server name in, no luck. It says it cant find the server. I was trying it by using the IP of the firewall.
Oh well, ill keep trying! Thanks!
This is stupid, but i need to make an entry to add an FTP server, but again I cant access the rules base. I gotta figure out what file is associated with the program I need.
I did install some software on the server, It asked me Username, Password and Server. I put the username and password in of the admin, and put the server name in, no luck. It says it cant find the server. I was trying it by using the IP of the firewall.
Oh well, ill keep trying! Thanks!
If you have the software on the management platform for the firewall (ie. the Win2K box) then just put localhost as the server address.
PIX 506E is also good! We've also got one on order.
Chris.
**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************
PIX 506E is also good! We've also got one on order.
Chris.
**********************
Chris Andrew, CCNA, CCSA
chris@iproute.co.uk
**********************
- Thread starter
- #10
OK, i tried 127.0.0.1 and I tried the inside and outside IP with no luck using the admin password. I didnt try to type in "Localhost".
Hey, if you want, we can bounce ideas off each other for the 506e. I got mine with 8x5xNBD Smartnet as well. I am planning on setting up a VPN but have alot of questions. I have an inital configuration, but I am not sure if it is the best setup to use.
506e rocks, I heard they can't make enough of them. We may be replacing the Nokia with a 515, that is our datacenter. I have a 501 3DES for home and experiments, I want to become and expert on the Pix firewall. I hope to start answering other peoples questions, because alot of people have helped me here.
Hey, if you want, we can bounce ideas off each other for the 506e. I got mine with 8x5xNBD Smartnet as well. I am planning on setting up a VPN but have alot of questions. I have an inital configuration, but I am not sure if it is the best setup to use.
506e rocks, I heard they can't make enough of them. We may be replacing the Nokia with a 515, that is our datacenter. I have a 501 3DES for home and experiments, I want to become and expert on the Pix firewall. I hope to start answering other peoples questions, because alot of people have helped me here.
- Status
Similar threads
- Locked
- Question
- Locked
- Question