Ilan_Nadav
Explorer

Delete a policy rule from console

Hi;

I configured a rule via SmartConsole for SMC that blocks access from my network to the FW itself (by mistake).

Since I have console access, I wonder if it is possible to delete this rule / revert last policy changes via the console?

thanks in advance;

4 Replies
Robert_Decker
Employee Alumnus

PhoneBoy
Admin

That assumes you can reach the management :)

Note that FireWall-1 Control Connections (e.g. policy push) should be allowed by the implied rules, so you should be able to push a corrected policy from the management.

If that doesn't work, what you can do from the gateway itself with respect to the policy is:

  • Fetch policy from the management (fw fetch management_name)
  • Unload the existing policy (fw unloadlocal)

You cannot modify an existing loaded policy from the gateway itself. 

Ray_Lal
Participant

As Dameon mentioned, you could disable the rule, then pull the new policy manually from the gateways. Examples here :)

Checkpoint Firewall CLI tool “dbedit” and quick lab examples 

Ilan_Nadav
Explorer

Hi All;

Thanks for all your references.

I didn't have a rule number / name to delete from the CLI, and when I tried to add a rule on top, the action succeeded, but there still wasn't ping to the management IP, so eventually I reinstalled the FW and now it works.

🙂