Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Highlighted
Iron

Couln't save sysctl variables

Jump to solution

Hello!

Unfortunately i don't know right category for my question... Sorry!

I have CheckPoint 600 Appliance with R77.20.20 firmware. There is a proble like https://supportcenter.checkpoint.com/supportcenter/portal?eventSubmit_doGoviewsolutiondetails=&solut..., but "To view this solution, Advanced access is required"... Pity.


I consider that this ploblem seemsed like ARP Flux, so sulution can be "sysctl -w net.ipv4.conf.all.arp_ignore=2", byt this work only before reboot... For a standard linux you should write this config to /etc/sysctl.conf for permanently save. But CheckPoint is not a standard linux, and have no /etc/sysctl.conf (if i've create it, checkpoint dont read that). 

Whot shoul i do to save "net.ipv4.conf.all.arp_ignore=2" config permanently???

 

0 Kudos
1 Solution
8 Replies
Highlighted
Admin
Admin

Re: Couln't save sysctl variables

Jump to solution

SecureKnowledge article you want to access is irrelevant for SMB appliances. 

 

Before going any further, what is the issue with ARPs that you are facing?

0 Kudos
Highlighted
Iron

Re: Couln't save sysctl variables

Jump to solution

Somtimes (not everytime) when host A from the same network as firewall want to know communicate with host B, he is sending ARP request in order to get the MAC address of host B, host B terned off that time, but firewall ansvers, that have this mac in his LAN. It won't be a problem if not IEEE 802.1X, but we have this technology, and switch considers that host B mac is on firewals port of switch, not on host B real port of switch.
We want to forbid firewall answers for ARP requests.

0 Kudos
Highlighted
Sapphire

Re: Couln't save sysctl variables

Jump to solution
0 Kudos
Highlighted
Iron

Re: Couln't save sysctl variables

Jump to solution

unfortunately, we have no "Advanced access"

0 Kudos
Highlighted
Sapphire

Re: Couln't save sysctl variables

Jump to solution

Then contact TAC for help - you do have valid support ?

0 Kudos
Highlighted
Iron

Re: Couln't save sysctl variables

Jump to solution

Ok, i successfully have resolved my problem by ```echo "sysctl -w net.ipv4.conf.all.arp_ignore=2" >> /pfrm2.0/etc/userScript```

Highlighted
Admin
Admin

Re: Couln't save sysctl variables

Jump to solution

good to know!

0 Kudos