Showing results for 
Search instead for 
Did you mean: 
Create a Post

Delete a policy rule from console


I configured a rule via Smartconsole for SMC that block access from my network to the FW itself (by mistake)#.

Since I have console access, I wonder if it is possible to delete this rule / revert last policy changes via the console?

thanks in advance;

Labels (1)
4 Replies

Re: Delete a policy rule from console


Re: Delete a policy rule from console

That assumes you can reach the management Smiley Happy

Note that FireWall-1 Control Connections (e.g. policy push) should be allowed by the implied rules, so you should be able to push a corrected policy from the management.

If that doesn't work, what you can do from the gateway itself with respect to the policy are:

  • Fetch policy from the management (fw fetch management_name)
  • Unload the existing policy (fw unloadlocal)

You cannot modify an existing loaded policy from the gateway itself. 


Re: Delete a policy rule from console

As Dameon mentioned, you could disable the rule, then pull the new policy manually from the gateways.. Examples here Smiley Happy

Checkpoint Firewall CLI tool “dbedit” and quick lab examples 

Re: Delete a policy rule from console

Hi All;

Thanks for all your references.

I didn't have rule number / name to delete from CLI, and when I tried to add rule on top, action succeed, but still there wasn't ping to management IP -  so eventually I reinstalled the FW and now it works.