Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
HeikoAnkenbrand
Champion
Champion

R80.x - Debug policy installation on gateway

Jump to solution

There is a simple way to debug the policy installation on a gateway.

1) Log on to the management server

2) Opens the expert mode

# expert

3) Staret the debug into a text file

# export INTERNAL_POLICY_LOADING=1
# fwm -d load <POLICY> <GATEWAY> &> test.txt

4) Now you can analyze the installation issue in the textfile text.txt. Now it takes a bit of experience to find the issue.

 

 

1 Solution

Accepted Solutions
HeikoAnkenbrand
Champion
Champion

Add  this to a file for example to installpolicy.sh.

# vi /home/admin/installpolicy.sh

export INTERNAL_POLICY_LOADING=1
fwm load <POLICY> <GATEWAY> 

Now set +x to this file:

# chmod +x installpolicy.sh

Now set this file as cronjob!

 

 

View solution in original post

6 Replies
PhoneBoy
Admin
Admin
One extra step to debug policy loading from the CLI now...
James_Hawkins
Participant

It is very interesting that you can install the policy via CLI.

We have many firewalls in Australia and the policy installation takes a long time.

Then I can perform the installation at night script controlled.

 

 

HeikoAnkenbrand
Champion
Champion

Hi @James_Hawkins 

Yes it is possible. I use this to install policys in China every night via cronjob.

Regards

Heiko

 

 

HeikoAnkenbrand
Champion
Champion

Add  this to a file for example to installpolicy.sh.

# vi /home/admin/installpolicy.sh

export INTERNAL_POLICY_LOADING=1
fwm load <POLICY> <GATEWAY> 

Now set +x to this file:

# chmod +x installpolicy.sh

Now set this file as cronjob!

 

 

View solution in original post

James_Hawkins
Participant

THX

James

0 Kudos
Eddie_Kalbert
Employee
Employee

Additional way to run policy installation automatically is by running from the gateway:

fw fetch local

The gateway will then fetch the last policy that was installed from the mgmt.

Working from clish as well as from expert mode.