How do I Configuring SSL Authentication for Vigilent Security Agent for VPN-1/Firewall-1? (NETIQKB30611)

  • Document ID:7730611
  • Creation Date:02-Feb-2007
  • Modified Date:07-Jul-2008
    • Micro Focus Products:
      Secure Configuration Manager

Resolution

goal
How do I configure SSL authentication for VigilEnt Security Agent for VPN-1/Firewall-1?

fact
VigilEnt Security Agent for VPN-1/Firewall ? 1 1.1

fact
VigilEnt Security Agent for VPN-1/Firewall ? 1 1.1.1

fix

Follow the steps below if you are using SSL authentication and need to authenticate or re-authenticate the agent with the management module.

  1. Authorize the agent machine. To do this, type the following command on the management module computer:

    fw putkey -opsec -ssl IP_ADDRESS

    Where IP_ADDRESS is the IP address of the agent computer.

  2. Type a secret key phrase and remember it. The secret key phrase can be any string of characters that you want, but keep it short and simple. You must duplicate the string of characters exactly to authenticate the agent machine.

  3. Authenticate the agent machine. To do this, navigate to the VSAF/bin directory on the agent machine (where VSAF is the product directory).

  4. Type the following command at the shell prompt:

    opsec_putkey -ssl -port fw IP_ADDRESS

    Where IP_ADDRESS is the IP address of the Check Point management module computer. Do not use the default 127.x.x.x. Always use a valid IP address.

  5. When you are prompted for a secret key phrase, type the same secret key phrase that you used in Step 2.

  6. Review the output text to verify that authentication initialized. If authentication fails, then contact Technical Support.


Additional Information

Formerly known as NETIQKB30611