Locally managed SMBs table.def files for VPN fine-tuning

Document created by Günther W. Albrecht on Mar 26, 2018Last modified by Günther W. Albrecht on Apr 4, 2018
Version 3Show Document
  • View in full screen mode

I have covered changing crypt.def in Locally managed SMBs .def files for VPN fine-tuning - but there is more to configure if it is needed ! You can find the use of table.def in sk31908 Changing the size limit of the client_auth table  and sk31832 How to prevent ClusterXL / VRRP / IPSO IP Clustering from hiding its own traffic behind Virtual IP address - table.def can be found on locally managed SMBs in /pfrm2.0/config1/fw1/lib/ or /pfrm2.0/config2/fw1/lib/ and in /pfrm2.0/opt/fw1/lib/. On managed GWs, see sk98339 Location of 'table.def' files on Security Management Server for location on the SMS. The table.def file which should be changed on SMBs is: /opt/fw1/lib/table.def (/pfrm2.0/config[1 / 2]/fw1/lib/table.def is in directories which are softlinks - the only relevant file is /opt/fw1/lib/table.def) !


You can make changes to it, which will not survive firmware upgrade, but will survive reboot, and then run:
(for sk31832:)

[Expert]# fw_configload

(for sk44852:)

[Expert]# vpn_configload

(followed for both by:)

[Expert]# fw reconf_sfwd

Attachments

    Outcomes