This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
ABOUT CHECKMATES CYBER SECURITY COMMUNITY & FAQ
Create a Post
Help
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 

Are you a member of CheckMates?

×
Sign in with your Check Point UserCenter/PartnerMap account to access more great content and get a chance to win some Apple AirPods! If you don't have an account, create one now for free!
Jon_Dyke
Contributor
‎2018-09-13 09:34 AM

Ghost Policy!

Has anyone ever had any issues with a 'ghost' policy?

What I mean by this is that we has a set of GW's that became redundant (powered down).  We deleted the policy that was associated with them but when we try to get rid of the GW's (and Cluster) they refuse to delete saying they are in use by objects - when you do a where used its referencing the policy that no longer exists!


Any suggestions welcome.

0 Kudos
6 Replies
PhoneBoy
Admin
Admin
‎2018-09-13 09:41 AM

What version/patch level?

You may be able to delete the objects with the API and/or dbedit depending on the version. 

0 Kudos
Jon_Dyke
Contributor
‎2018-09-13 09:48 AM

R80.10 Jumbo Hotfix 112

0 Kudos
PhoneBoy
Admin
Admin
‎2018-09-13 11:18 AM
In response to Jon_Dyke

See if you can delete one of the gateways with something like (from CLI of management): mgmt_cli -r true delete simple-gateway name gwname

The cluster, not being a simple-gateway object, will probably have to be deleted with dbedit.

Something like: delete network_objects clustername

0 Kudos
Jon_Dyke
Contributor
‎2018-09-14 09:36 AM

If I go into the cluster oand do a remove under cluster members, what is get is xxxx is used by another object and cannot be deleted.  If I then click where used?  I get a list of objects.  The Names are all rule names and the table is rule_base.  But I know for a fact that they are not associated with any of my three current policies and that these references are referring to a policy that was deleted.

I will try from the CLI and see what I get.

Jon

0 Kudos
Maarten_Sjouw
Champion
Champion
‎2018-09-17 02:02 PM
In response to Jon_Dyke

I can only advise you to get TAC involved and get them to involve development, as these are just the type of problems we had and needed the involvement of R&D to get them resolved.

Regards, Maarten
0 Kudos
Jon_Dyke
Contributor
‎2018-11-29 07:14 AM

TAC managed to solve this but it took some effort to remove orphaned entries from the database tables!

Thanks for Advice

Jon

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

View All ≫
Upcoming Events

    CheckMates Events
    Top