https://community.checkpoint.com/t5/Endpoint/Firewall-not-forwarding-traffic-policy-unloaded/m-p/72257#M1903 <P>We have a 5000 series appliance that has not been added to a management station yet. In order to permit traffic through temporarily while we build other components we issues the 'fw unloadlocal' command. When we try to route through the firewall (using ping from a src outside one int and destined for a host on a different int) we see it get processed on the inbound interface (little i and big I) but it never leaves the destination interface.</P><P>We have verified we can ping the destination and that a route exists.</P><P>With the policy unloaded AND the firewall not being part of a management station would it not just act as a router and process traffic? Is there a debug command that can tell us whats going on?</P> Tue, 14 Jan 2020 17:56:41 GMT J_Saun 2020-01-14T17:56:41Z https://community.checkpoint.com/t5/Endpoint/Firewall-not-forwarding-traffic-policy-unloaded/m-p/72257#M1903 <P>We have a 5000 series appliance that has not been added to a management station yet. In order to permit traffic through temporarily while we build other components we issues the 'fw unloadlocal' command. When we try to route through the firewall (using ping from a src outside one int and destined for a host on a different int) we see it get processed on the inbound interface (little i and big I) but it never leaves the destination interface.</P><P>We have verified we can ping the destination and that a route exists.</P><P>With the policy unloaded AND the firewall not being part of a management station would it not just act as a router and process traffic? Is there a debug command that can tell us whats going on?</P> Tue, 14 Jan 2020 17:56:41 GMT https://community.checkpoint.com/t5/Endpoint/Firewall-not-forwarding-traffic-policy-unloaded/m-p/72257#M1903 J_Saun 2020-01-14T17:56:41Z https://community.checkpoint.com/t5/Endpoint/Firewall-not-forwarding-traffic-policy-unloaded/m-p/72258#M1904 <P>Nope, when the policy is unloaded there is no forwarding. It is then just a simple Linux host, not a router.</P> <P>After searching for this I found <A href="https://www.cpug.org/forums/showthread.php/22701-fw-unloadlocal-and-routing-daemon-stopping" target="_self">this CPUG entry</A>&nbsp;that says to issue the following command to reanble IP forwading:</P> <P><STRONG>echo 1 &gt; /proc/sys/net/ipv4/ip_forward</STRONG></P> <P>Thanks Tim.</P> <P>&nbsp;</P> Tue, 14 Jan 2020 18:07:55 GMT https://community.checkpoint.com/t5/Endpoint/Firewall-not-forwarding-traffic-policy-unloaded/m-p/72258#M1904 Maarten_Sjouw 2020-01-14T18:07:55Z https://community.checkpoint.com/t5/Endpoint/Firewall-not-forwarding-traffic-policy-unloaded/m-p/72260#M1905 Thanks! That was it. Traffic is being forwarded now. Tue, 14 Jan 2020 18:23:56 GMT https://community.checkpoint.com/t5/Endpoint/Firewall-not-forwarding-traffic-policy-unloaded/m-p/72260#M1905 J_Saun 2020-01-14T18:23:56Z