cancel
Showing results for 
Search instead for 
Did you mean: 
Create a Post
Highlighted

R80.x - Debug policy installation on gateway

There is a simple way to debug the policy installation on a gateway.

1) Log on to the management server

2) Opens the expert mode

# expert

3) Staret the debug into a text file

# export INTERNAL_POLICY_LOADING=1
# fwm -d load <POLICY> <GATEWAY> &> test.txt

4) Now you can analyze the installation issue in the textfile text.txt. Now it takes a bit of experience to find the issue.

(view in My Videos)
 

 

Tags (1)
6 Replies
Admin
Admin

Re: R80.x - Debug policy installation on gateway

One extra step to debug policy loading from the CLI now...

Re: R80.x - Debug policy installation on gateway

It is very interesting that you can install the policy via CLI.

We have many firewalls in Australia and the policy installation takes a long time.

Then I can perform the installation at night script controlled.

 

 

Re: R80.x - Debug policy installation on gateway

Hi @James_Hawkins 

Yes it is possible. I use this to install policys in China every night via cronjob.

Regards

Heiko

 

 

Tags (1)

Re: R80.x - Debug policy installation on gateway

Add  this to a file for example to installpolicy.sh.

# vi /home/admin/installpolicy.sh

export INTERNAL_POLICY_LOADING=1
fwm load <POLICY> <GATEWAY> 

Now set +x to this file:

# chmod +x installpolicy.sh

Now set this file as cronjob!

 

 

Tags (1)

Re: R80.x - Debug policy installation on gateway

THX

James

0 Kudos
Employee
Employee

Re: R80.x - Debug policy installation on gateway

Additional way to run policy installation automatically is by running from the gateway:

fw fetch local

The gateway will then fetch the last policy that was installed from the mgmt.

Working from clish as well as from expert mode.