J_Saun
Contributor

Firewall not forwarding traffic - policy unloaded


We have a 5000 series appliance that has not been added to a management station yet. In order to permit traffic through temporarily while we build other components, we issued the 'fw unloadlocal' command. When we try to route through the firewall (using ping from a src outside one int and destined for a host on a different int) we see it get processed on the inbound interface (little i and big I) but it never leaves the destination interface.

We have verified we can ping the destination and that a route exists.

With the policy unloaded AND the firewall not being part of a management station, would it not just act as a router and process traffic? Is there a debug command that can tell us what's going on?

Accepted Solutions
Maarten_Sjouw
Champion

Nope, when the policy is unloaded there is no forwarding. It is then just a simple Linux host, not a router.

After searching for this I found this CPUG entry that says to issue the following command to re-enable IP forwarding:

echo 1 > /proc/sys/net/ipv4/ip_forward

Thanks Tim.

 

Regards, Maarten
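To confirm the state that the command in the answer above changes, this added example (not part of the thread, and not Check Point code) reads the same kernel switch plus the per-interface flags on a generic Linux host. `PROC_NET`, the function names and the interface names are assumptions made for the example.

```shell
#!/bin/sh
# Added example. PROC_NET is an assumption so the functions can be pointed
# at a constructed directory tree; on a live host leave it unset.
PROC_NET="${PROC_NET:-/proc/sys/net/ipv4}"

# Value of the global switch that the answer's echo command writes.
global_forwarding() {
    cat "$PROC_NET/ip_forward" 2>/dev/null || echo unknown
}

# Succeeds if packets ARRIVING on interface $1 may be routed onward.
# The kernel consults the ingress interface's own flag; writing the global
# switch copies the new value into every interface's flag.
ingress_forwards() {
    [ "$(cat "$PROC_NET/conf/$1/forwarding" 2>/dev/null)" = "1" ]
}

# Print one line per interface whose flag disagrees with the global switch.
# Prints nothing when the state is consistent.
forwarding_mismatches() {
    global=$(global_forwarding)
    for f in "$PROC_NET"/conf/*/forwarding; do
        [ -r "$f" ] || continue
        name=$(basename "$(dirname "$f")")
        case "$name" in all|default) continue ;; esac
        value=$(cat "$f")
        [ "$value" = "$global" ] || echo "$name forwarding=$value global=$global"
    done
}

# Summary for a path between two interfaces, as in the ping test described.
# Usage: check_path eth1 eth2   (interface names are placeholders)
check_path() {
    for ifname in "$1" "$2"; do
        if ingress_forwards "$ifname"; then
            echo "$ifname: routes packets received on it"
        else
            echo "$ifname: does not route transit packets (forwarding off)"
        fi
    done
    forwarding_mismatches
}
```

Run `check_path` with the two interface names from the ping test before and after the echo command to see the flags change.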

J_Saun
Contributor
Thanks! That was it. Traffic is being forwarded now.