cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted

R80.x - Debug policy installation on gateway

Jump to solution

There is a simple way to debug the policy installation on a gateway.

1) Log on to the management server

2) Opens the expert mode

# expert

3) Staret the debug into a text file

# export INTERNAL_POLICY_LOADING=1
# fwm -d load <POLICY> <GATEWAY> &> test.txt

4) Now you can analyze the installation issue in the textfile text.txt. Now it takes a bit of experience to find the issue.

(view in My Videos)
 

 

Tags (1)
1 Solution

Accepted Solutions

Re: R80.x - Debug policy installation on gateway

Jump to solution

Add  this to a file for example to installpolicy.sh.

# vi /home/admin/installpolicy.sh

export INTERNAL_POLICY_LOADING=1
fwm load <POLICY> <GATEWAY> 

Now set +x to this file:

# chmod +x installpolicy.sh

Now set this file as cronjob!

 

 

Tags (1)
6 Replies
Admin
Admin

Re: R80.x - Debug policy installation on gateway

Jump to solution
One extra step to debug policy loading from the CLI now...

Re: R80.x - Debug policy installation on gateway

Jump to solution

It is very interesting that you can install the policy via CLI.

We have many firewalls in Australia and the policy installation takes a long time.

Then I can perform the installation at night script controlled.

 

 

Re: R80.x - Debug policy installation on gateway

Jump to solution

Hi @James_Hawkins 

Yes it is possible. I use this to install policys in China every night via cronjob.

Regards

Heiko

 

 

Tags (1)

Re: R80.x - Debug policy installation on gateway

Jump to solution

Add  this to a file for example to installpolicy.sh.

# vi /home/admin/installpolicy.sh

export INTERNAL_POLICY_LOADING=1
fwm load <POLICY> <GATEWAY> 

Now set +x to this file:

# chmod +x installpolicy.sh

Now set this file as cronjob!

 

 

Tags (1)

Re: R80.x - Debug policy installation on gateway

Jump to solution

THX

James

0 Kudos
Employee
Employee

Re: R80.x - Debug policy installation on gateway

Jump to solution

Additional way to run policy installation automatically is by running from the gateway:

fw fetch local

The gateway will then fetch the last policy that was installed from the mgmt.

Working from clish as well as from expert mode.