Yevgeniy_Yeryom
Contributor

fw unloadpolicy on a gateway in AWS

Hello together, 
Is there a way to uninstall the policy, e.g. by "fw unloadpolicy", on a gateway in AWS?

Cheers, 
Yevgeniy  

2 Replies
Nikhil_Deshmukh
Contributor

fw unloadlocal will 'unload' the policy from the appliance. To load a policy you have to either push it out from the management station, using DashBoard or the command line, or fetch it using the command line on the appliance.

Caution: Do not run the same on a Production Gateway.

NickGriffiths
Participant

If you find yourself in the, um, unfortunate position of having managed to lock yourself out of an Azure based management server (or gateway for that matter) by pushing an erroneous policy to a gateway, there is a little access tool to help you fudge a way to restore comms:

I had a similar issue at a customer who was using an internal Cluster across an express route (so not internet facing as such; and thankfully no NAT was involved as this was just a datacentre extension), but using the 'Serial console' from within Azure Portal I was able to 'fw unloadlocal' and also enable ip forwarding [echo 1 > /proc/sys/net/ipv4/ip_forward] (absolutely not recommended) to get access back to the management server through the gateway.

Just in case this helps anyone else out.

Edit: Just read the original question, it's about AWS, my response is purely for Azure, doh!
