Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Rccou
Participant

How to discard unwanted changes

Jump to solution

Hi

I have a problem with a R80.30 cluster. I had made some changes to interfaces which seem to have caused some topology changes to other interfaces. I have also made other simple policy changes. 

I have published these changes but the install fails each time with various errors about topology, interfaces etc.

In total I have over 95 changes from 4 sessions that i want to simply discard and forget about and not to install.

I have followed the advice in this link:

https://community.checkpoint.com/t5/Policy-Management/R80-Change-Control-A-Visual-Guide/td-p/39702

and reverted to a previous known version but the 95 pending changes still seem to be pending installation and i don't know how to get rid of them.

How is this done?

i reverted to an earlier version but the pending changes are still there.i reverted to an earlier version but the pending changes are still there.I'm stuck with these changes in the install queueI'm stuck with these changes in the install queue

no option to discardno option to discard

1 Solution

Accepted Solutions
Timothy_Hall
Champion
Champion

Unfortunately yes, in R80.30 and earlier you can revert policy changes as specified in my "Visual Guide" post but you cannot revert changes to objects.  In the R80.40 EA you can highlight a revision and pick "Revert to this version" to essentially undo every change (including objects) performed since that revision was published.  This capability is more or less the same as restoring a Database Revision in R77.30 management. 

Once R80.40 goes GA I'm planning to update my R80+ Change Control: A Visual Guide post with this very welcome new capability.

 

"Max Capture: Know Your Packets" Video Series
now available at http://www.maxpowerfirewalls.com

View solution in original post

5 Replies
PhoneBoy
Admin
Admin
As stated in the article you linked, you can install the policy to a gateway as it was previously installed (e.g. using Install Specific Version).
The changes you made in the management, however, remain in the management.
If you want to undo the changes, this must be done manually currently.
R80.40 is expected to have revision control so these changes can be reverted.
Rccou
Participant
Ah.. manually.. So i have to go in and pick apart each change one by one?
Timothy_Hall
Champion
Champion

Unfortunately yes, in R80.30 and earlier you can revert policy changes as specified in my "Visual Guide" post but you cannot revert changes to objects.  In the R80.40 EA you can highlight a revision and pick "Revert to this version" to essentially undo every change (including objects) performed since that revision was published.  This capability is more or less the same as restoring a Database Revision in R77.30 management. 

Once R80.40 goes GA I'm planning to update my R80+ Change Control: A Visual Guide post with this very welcome new capability.

 

"Max Capture: Know Your Packets" Video Series
now available at http://www.maxpowerfirewalls.com

View solution in original post

HienTM
Explorer

We had exact problem in 80.30 and did manual reversal of all 13 changes, one by one based on revision logs. After installation of policy the system works.

My question is supposing we upgrade to 80.40 so would newly-improved feature  "Revert to this version" undo every change (including objects) based on old revisions done in 80.30?

Thanks.

Hien 

0 Kudos
Reply
PhoneBoy
Admin
Admin

There are a few limitations (particularly with VSX) but generally yes, it rolls back the database to a specific point in time.
It does NOT push the policy to the gateways, that must be done as a separate action.