Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Hugo_vd_Kooij
Advisor

debug policy install on cli?

Jump to solution

How can one do the debug of a policy install like I could do this up to R77.30?

There it was just a matter of running : fwm -d local .....

But I could not find a R80 equivalent

1 Solution

Accepted Solutions
Norbert_Bohusch
Advisor

sk112111 outlines how to debug policy installation in R80+. If you want you can do the install through UI or using mgmt_cli.

Hope this helps!

View solution in original post

5 Replies
PhoneBoy
Admin
Admin

fwm load won't operate in R80+, you have to use the mgmt_cli to load policy now, documented here:  Check Point - Management API reference

https://community.checkpoint.com/people/ubialbf7dd8c7-dd84-3fc4-99ca-eec4929a35ad‌ do you know if there is a "debug" flag you can give to the install-policy command?

Norbert_Bohusch
Advisor

sk112111 outlines how to debug policy installation in R80+. If you want you can do the install through UI or using mgmt_cli.

Hope this helps!

View solution in original post

_Val_
Admin
Admin

thanks for sharing. 

prisciltetchou1
Explorer

Hello,

Any update on this as I have no access to this sk (sk112111) ? 

0 Kudos
Tal_Paz-Fridman
Employee
Employee

You can run the load command using Management API:

https://sc1.checkpoint.com/documents/latest/APIs/index.html#cli/install-policy~v1.8%20

 

Then tail the following files on the Security Management Server:

tail -f $MDS_FWDIR/log/install_policy.elg

tail -f $MDS_FWDIR/log/cpm.elg

 

You can also try to debug the fetch policy flow from the Security Gateway side 

 

Also, based on the errors you receive see if the following SK helps - sk33893:

https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut...

0 Kudos