Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
yishaia
Explorer

Fetch policy automatically on 1490 appliance from management server

Hello,

 

i have 20 - 1490 appliance that i manage from the management server r80.10.

the install policy on 1490 is slowly so i want to check if there is an option,

when i install policy on all 1490 appliance from the management server it take 30-40 minutes,

if i install only on 1 -1490 it takes 5-6 minutes.

to fetch the policy automatically?

let say every 24hours,

so every change i make on the access policy in the management server will fetch automatically.

 

is there a good way to do it?

 

thanks

0 Kudos
5 Replies
Maarten_Sjouw
Champion
Champion

The issue here is that your policy needs to be compiled first, that is done when you push policy, after that it is attempted to be pushed to all gateways selected and set ready for those gateways to be picked up.
What I don't know is, what happens when you push it only to 1 or 2 gateways, will the others also pick it up?
The embedded boxes always check themselves if there is a newer policy for them through the 'Phone Home' principle, they do that every 20 minutes.
Regards, Maarten
0 Kudos
yishaia
Explorer

Hi,

 

thanks for your reply,

i tried to do it,

i pushed the policy to 1 - 1490 gateway and waited for 24hours,

the other 1490 appliance did not get the policy,

its works only if i install it directly to the gateway from the management,

any way to solve it?

0 Kudos
Maarten_Sjouw
Champion
Champion

The thing is that there will be a table on the management server that will be checked to see which policy version should be loaded on that particular gateway. If you could manipulate that table the gateways should still pick up the newer policy.

Another approach is to push the policy by means of the API, it will still take the long time, but would not bother you.
Regards, Maarten
0 Kudos
yishaia
Explorer

thanks,

 

is there a way to make the management\gateway to install policy automatically every day at 02:00?

can you explain me how to do it by script / API?

 

thanks 

0 Kudos
PhoneBoy
Admin
Admin

The problem is still that you have to push the policy to the gateway before it can be fetched in this manner.

In addition to potentially scripting the policy install, if your management is R80.20+, you can do this via SmartLSM.
In this case, you push policy to a profile, which all the 1490 appliances are assigned to.
This should be fairly quick—a few minutes versus the 40 or so to push to each gateway in sequence.
The gateways will pick up the new policy next time it fetches from management.

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events