Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
iko
Contributor

change kernel parameter fails

Jump to solution

Hi,

I need to enable TLS1.3 on my R81 Security Gateway, which is a standalone VM with management gateway installed as well.

First I saw that: https://sc1.checkpoint.com/documents/R81/WebAdminGuides/EN/CP_R81_ThreatPrevention_AdminGuide/Topics...

But I have no such fwkern.conf file.

So I followed that procedure to change the kernel parameter: https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

 

But operation fails with:

[Expert@gw-a7234c:0]# fw ctl set int fwtls_enable_tlsio 1

Set operation failed: failed to get parameter fwtls_enable_tlsio

set: Operation failed

Killed

 

Can someone tell me what am I doing wrong?

Thank you, Iko

0 Kudos
1 Solution

Accepted Solutions
iko
Contributor

I solved it by creating the fwkern.conf file manually and added the entry:

fwtls_enable_tlsio=0x1

Thanks for the attention.

Iko

View solution in original post

0 Kudos
3 Replies
iko
Contributor

btw, the get works:


[Expert@gw-a7234c:0]# fw ctl get int fwtls_enable_tlsio
fwtls_enable_tlsio = 0

0 Kudos
iko
Contributor

I solved it by creating the fwkern.conf file manually and added the entry:

fwtls_enable_tlsio=0x1

Thanks for the attention.

Iko

0 Kudos
Václav_Brožík
Collaborator

Some kernel parameters cannot be set at run-time. They can be set only during the module initialization from fwkern.conf.

0 Kudos