- Products
- Learn
- Local User Groups
- Partners
- More
Access Control and Threat Prevention Best Practices
5 November @ 5pm CET / 11am ET
Ask Check Point Threat Intelligence Anything!
October 28th, 9am ET / 3pm CET
Check Point Named Leader
2025 Gartner® Magic Quadrant™ for Hybrid Mesh Firewall
HTTPS Inspection
Help us to understand your needs better
CheckMates Go:
Spark Management Portal and More!
We are facing a issue in our environment that we couldn't able to install a policy in firewall from mgmt server and local gateway too
We are getting below erro code while installing and TAC said it's new to checkpoint and unknown issue also moved to r&d team.
Please help someone if any resolution for that.
Error code: 0-3-2000173-1
Note: gateway model :6400 / mgmt server: VM
Version:R81.10 and take 87
Just in case, I've confirmation that R&D identified and pushed the fix directly in the latest IPS package.
As expected that was an issue with some signatures.
Here is the tl;dr from TAC :
I have an update from the R&D team regarding the Error code, the fix has been provided on the new IPS Package Today.
No need to install any port fix.
Please, install Latest IPS package first and later Install policy for Threat Prevention and Access separately.
If the error is unknown in TAC, and R&D is involved, it is very unlikely that you can get someone else to assist. Please follow the support process and let us know when it is resolved.
@Dhilip_dj First for the record I agree with @_Val_ . However, if you are looking to poke around in the meantime here are some addtional resources:
https://www.youtube.com/watch?v=bhD9lHrL7fE
How to debug the CPD daemon
https://support.checkpoint.com/results/sk/sk86320
'Installation failed. Reason: Load on Module failed - failed to load security policy' error during policy installation
https://support.checkpoint.com/results/sk/sk33893
Policy installation flow
https://support.checkpoint.com/results/sk/sk101226
@_Val_ @Bryan-Smith thanks for the hope, the issue is resolved as of now without root cause, and looking for a permanent solution for it, since we have spotted this issue 3rd time in a month.
Do you have a support case for this?
Hello, my friend.
I have the same problem as you.
Can you tell me, if you managed to solve your event?
What action plan corrected your problem?
Thank you.
hii Friend,
I have same too the problem.
Policy: xxxxxx-Policy
Status: Failed
        - Policy installation failed on bash: Gateway:: command not found
gateway. If the problem persists contact Check Point support (Error code: 0-3-2000173-1).
our environment which cluster gw, my step
- cpstop;cpstart on standby member (FW2)--> doing install access policy (with uncheck do not instal....) --> status succeded
- cpstop;cpstart on active member (FW1)--> doing install access policy --> status succeded for all gw
- trying to switch over again at active member FW2 but make new issue the error at GW "HA module not started" , reboot device not affected, doing reset SIC and install policy then all FW1 & FW2 normally active, for several time trying to install access policy, unfortunately the error become back again with same error .....(Error code: 0-3-2000173-1)
thank you
Hello Friend,
the same way we tried to troubleshoot the issue on first time, but after that, we changed the IPS profile as mentioned above reply now we can install a policy, and if you are facing an issue even after the IPS profile change create a new profile as mirror and try map into policy then install
I have just changed the IPS profile performance impact: high to medium and low confidence: detect to inactive now we can able to install a policy. but the R&D team is working on creating a specific hotfix for this issue.
Did you have any update from TAC ?
We are experiencing the same issue this morning, and can not push any policy, sale error code.
I didn't find any way to workaround the issue, I've tried some things that I read in this post but without success.
I opened a case but it will take time as always...
Same issue here.
Our environment is R81.20 JHF26
Affected clusters are 6600 and 260000 .... 
Possible Workaround is "fw amw unload" - but this leaves you without any Threat Prevention ...
Hello,
Follow these recommendations, and comment on your results.
TAC is working on a FIX for the error code, but in the version 81.10
It is good to know that it is also occurring in 81.20, so that Check Point is aware of it, and can also apply a FIX for this version.
On 6600 we are running Autonomous Profile "Strict"; Installing the "perimeter" profile does change the behavior to error code "0-1-2000184" -> sk178687; After applying the solution, policy install is OK again
On 26000 I've set the IPS profile parameters like mentioned (only on IPS profile, we have a different one for AV / antibot) -> policy install is OK again
Just in case, I've confirmation that R&D identified and pushed the fix directly in the latest IPS package.
As expected that was an issue with some signatures.
Here is the tl;dr from TAC :
I have an update from the R&D team regarding the Error code, the fix has been provided on the new IPS Package Today.
No need to install any port fix.
Please, install Latest IPS package first and later Install policy for Threat Prevention and Access separately.
Hello,
just got the same message on a customer ...
Switching the ISP profiles and installing the policy worked as described ...
or use this SK 181532
https://support.checkpoint.com/results/sk/sk181532
best regards
I met the issue with failed Access Control policy and Error code: 0-3-2000173-1 today on R81.10 HFA#110 VSX + MDS.
We needed to install the policy immediately, so before installing the newer jumbo (as is mentioned in the SK 181532), we just changed these two options:
Performance impact to :Medium and Lower and
Low confidence to : Inactive
After that, the policy installation was successful. It reduced the number of signatures used, which is the root cause according to the SK. The next steps will be to install the latest jumbo and undo the changes. This was just a quick workaround to install the policy.
 
					
				
				
			
		
Leaderboard
Epsum factorial non deposit quid pro quo hic escorol.
| User | Count | 
|---|---|
| 18 | |
| 16 | |
| 13 | |
| 11 | |
| 10 | |
| 7 | |
| 7 | |
| 6 | |
| 6 | |
| 4 | 
Tue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionTue 28 Oct 2025 @ 11:00 AM (EDT)
Under the Hood: CloudGuard Network Security for Google Cloud Network Security Integration - OverviewTue 28 Oct 2025 @ 12:30 PM (EDT)
Check Point & AWS Virtual Immersion Day: Web App ProtectionThu 30 Oct 2025 @ 03:00 PM (CET)
Cloud Security Under Siege: Critical Insights from the 2025 Security Landscape - EMEAThu 30 Oct 2025 @ 11:00 AM (EDT)
Tips and Tricks 2025 #15: Become a Threat Exposure Management Power User!About CheckMates
Learn Check Point
Advanced Learning
YOU DESERVE THE BEST SECURITY