1 Reply Latest reply on Apr 26, 2011 1:15 PM by sliedl

    Unable to restore config backup in secondary backup file

      Hi all,


      I am restoring config back up from Primary firewall to secondary Unit.

       

      Primary config is the HA config.


      Both primary and secondary firewall are at same version and same patch level.even number of interface also same.

       

       

      Primary firewall package

      Local Packages                                           

                                                -------------------                                         

                             CommandCenter Management Version: 7.0.1.02.CC.4.0.0.05.01                      

      What              When               Status     Description

      ================= ================== ========== =======================================================

      70100             25-Apr-11 23:04    installed  Sidewinder 7.0.1.00 IPv6 Phase 1

      70101             25-Apr-11 23:04    installed  Sidewinder 7.0.1.01 FIPS 140-2 Level 2

      70102             25-Apr-11 23:04    installed  Sidewinder 7.0.1.02 Transparent Firewall with McAfee AV and Profiler

      70102HW01         25-Apr-11 23:04    obsolete   Sidewinder 7.0.1.02.HW01 F Model Hardware Support

      70102HW02         25-Apr-11 23:20    installed  Sidewinder 7.0.1.02.HW02 Rev B - New network hardware (updated em and ix drivers, new igb driver)

       

      secondary firewall package

       

      Local Packages                                           

                                                -------------------                                         

                             CommandCenter Management Version: 7.0.1.02.CC.4.0.0.05.01                      

      What              When               Status     Description

      ================= ================== ========== =======================================================

      70100             25-Apr-11 23:04    installed  Sidewinder 7.0.1.00 IPv6 Phase 1

      70101             25-Apr-11 23:04    installed  Sidewinder 7.0.1.01 FIPS 140-2 Level 2

      70102             25-Apr-11 23:04    installed  Sidewinder 7.0.1.02 Transparent Firewall with McAfee AV and Profiler

      70102HW01         25-Apr-11 23:04    obsolete   Sidewinder 7.0.1.02.HW01 F Model Hardware Support

      70102HW02         25-Apr-11 23:20    installed  Sidewinder 7.0.1.02.HW02 Rev B - New network hardware (updated em and ix drivers, new igb driver)

       

       

      I could not restore in secondary unit ,I am getting error as


      /var/log/swedeautotranslate.log


      -- Config reapply failed -- Tue Apr 26 11:40:30 SGT 2011 --
      config reapply error: GenericError: Could not reapply swede

       

       

      any advice on error?

       

      Thanks,

      Faizur

        • 1. Re: Unable to restore config backup in secondary backup file
          sliedl

          The problem here is most likely your Sendmail configuration.  If you look at the audit after trying to restore your configuration you'll probably see errors such as 'Could not determine mailburb' or 'File /secureos/etc/access.mta# does not exist' (where # is a numeral).

           

          If you see the access.mta# error, you have to (in my experience) go 'touch access.mta#' in /secureos/etc/sendmail/ and then chtype it to mta#:conf  (replace # with the correct numeral).  Now reboot the firewall.

           

          If it comes up into single-user mode again, check the audit and most likely you'll get the 'mailburb' error.  If you do, open the /secureos/etc/sendmail/sendmail.conf file.  In that file you'll see a 'sendmail_config(# #)' line.  I've found that it says (-1 -1) when I get this error.  You have to change this line to two numbers that correspond to the numbers you see after the files in this /sendmail folder (for example the .mta# files).  Usually you can change it to (2 1), save, and then do a 'cf sendmail rebuild'.

           

          If you do not understand those steps, what you should do is call into Support and have someone help you get around this.

           

          1-800-700-8328 (options 1, 1)

          1-651-628-1500 (options 3, 1)