Create a Post
Showing results for 
Search instead for 
Did you mean: 

install policy FAILED help!

I have the most unhelpful error message of all time - can anyone help me ?


I'm trying to push access policy . everything was working last time i checked which was a few days ago. now this.


If the problem persists contact Check Point support (Error code: 0-2000173-0)


MDS is running 80.40


gateway is running 80.20

0 Kudos
5 Replies

What is the rest of the message? The text 'If the problem persists' also implicates there is more information above this message.
Regards, Maarten
0 Kudos

Almost certainly a policy commit failure on the gateway, which provides practically zero information about the failure back to the SMS/SmartConsole.  Usually this is due to a memory shortage on an overloaded gateway and sometimes a reboot will fix it.  In other cases it is an error in the compiled policy that the SMS did not catch, see here for further reading:

sk33893: 'Installation failed. Reason: Load on Module failed - failed to load security policy' error...

sk101875: Policy installation fails with "Load on module failed - no memory" error


Book "Max Power 2020: Check Point Firewall Performance Optimization" Third Edition
Now Available at
0 Kudos

Still having same issue

Here is the error i get when i try and fetch the policy from the gateway side of things.

[Expert@FW01]# fw fetch
Fetching Security Policy from '#.#.#.#'

Fetching Security Policy Succeeded.

Installing Security Policy...

Error loading policy.

Error: Failed to run policy installation wrapper.
sfw_fetch_callback: Failed to execute command '"/opt/fw1/bin/fw" fetchlocal -d "/opt/fw1/state/__tmp/FW1"'. rc=1, exit code =-1
Unable to install the Security Policy on the appliance
0 Kudos


I suggest opened a ticket with TAC but in the meantime:

Is the Security Gateway a Small Office Appliance?

Can you run the following command and send me the output:

fw -d fetchlocal -d /opt/CPsuite-R81/fw1/state/__tmp/FW1/




0 Kudos

sent, thanks ,


on a better note i was able to push access control policy if i un-selected the "application control" & "url filtering" blades


as soon as i check them back off and try to push policy it fails again. 




0 Kudos