|
|
sofaware.infopop.cc SofaWare Discussion Groups SmartCenter Management Error when trying to add to SmartCenter Topic Closed|
Go
|
New
|
Find
|
Notify
|
Tools
|
|
Junior Member |
I'm trying to attach a VPN1-Edge (fw 6.0.72) to a SmartCenter Server (NGX).
When trying to connecto from the Edge I get the following error: "The actual gateway ip conflicts with the configured gateway ip" I have to mention that we're trying to connect to the SmartCenter from the LAN ports and not the WAN Ports, and to reach the SmartCenter the Edge device has to pass through another firewall (which has the proper rules in place allowing this). We were wondering if it is a product limitation that you can only administer and Edge device from a SmartCenter using the WAN interfaces and not any other interface. Regards, Jaime. |
||
|
|
Junior Member |
Did anyone ever answer to this valid question?
I am also in the situation where i want to let Smartcenter administer edge boxes from the inside. Got the same problem... |
|||
|
|
Junior Member |
Hi,
when connecting the Edge device to the Smartcenter and the SmartCenter is located behind the LAN interface the source of the packet is the internal interface of the edge device. In order to solve your issue you can do the follwing steps: 1.Define the Edge as a dynamic IP address object in the SmartCenter. 2.Modify the SWManagementserver.ini file In order to solve the issue you need to disable the IP enforcement on the SMS. Please do the following steps: Run smsstop 1.Go to cd /opt/CPsuite-R60/fw1/conf/sofaware 2.Edit the SWManagementServer.ini file 3.Change the following value Setting this to true will allow static ip gateways to connect from a different ip : from DisableIpLock=false to DisableIpLock=true 4.Run smsstart |
|||
|
|
Junior Member |
Frater, you have to modify a file on the management server to allow centralizaed management through the LAN ports.
The file is: /opt/CPsuite-R60/fw1/conf/sofaware/SWManagementServer.ini Look for this: DisableIpLock=false and change it to this: DisableIpLock=true Once done this, run "smsstart" I've come aware of a bug in 6.0.x series that, if the WAN port is down the edge will not connect to the management. Somebody told me that this is fixed in 6.5 but no (at least) in 6.5.15 Hope it helps. |
|||
|
|
Junior Member |
Excellent stuff!
This solved the biggest of my problems with managing the Edge box from SC. Thank You.  The second one is the forced Host mask (255.255.255.255) that SC applies to what it sees as the WAN interface. Is it possible to unlock this field in the topology view? I assume I will run into all kinds of strange rule problems otherwise? I can see that smartmap is assigning a host based network segment in connection to the existing class-C segment i have outside the Edge firewall. [Edit] I went into objects_5_0.C and manually changed the subnet mask from 255.255.255.255 to 255.255.255.0. After restarting SC the topology looks fine. Possibly I broke the rest of the objects file, but I guess that will be evident soon enough... This message has been edited. Last edited by: Frater, |
|||
|
| Powered by Eve Community |
 | Please Wait. Your request is being processed... |
Topic Closed sofaware.infopop.cc SofaWare Discussion Groups SmartCenter Management Error when trying to add to SmartCenter | View $GS_USERNAME's Public Profile |
| Add $GS_USERNAME to my Ignore List |
| View Recent Posts by $GS_USERNAME |
| Notify me of New Posts by $GS_USERNAME |