Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Lee_Doran
Explorer

need help removing a bad NAT in the Command line

I locked myself out of the firewall by not paying attention to the NAT rule. its no good and I cant figure out what command I need to remove it from the command line. (since I cant get back into the web interface) please help I don't want to have to start from square 1. I have

R77.20.81

thanks

0 Kudos
7 Replies
Ahmed_Ali
Explorer

Can you not use "fw unloadlocal" ? to temporarily unload the policy from the appliance and then make necessary NAT changes and deploy the policy again.

0 Kudos
Lee_Doran
Explorer

that worked but how to I enable the local again after running "fw unloadlocal"? sorry i'm still new to these firewalls

0 Kudos
Ahmed_Ali
Explorer

Hi Lee,

1) You can push the policy from the smart dashboard to the gateway.

2) or you can run this command in the gateway cli "fw fetch InsertYourManagementServerName"

 

0 Kudos
Ben_Dunkley
Contributor

Given that it's R77.20.81 - I'm assuming that this is a 700-series or 1400-series appliance?

So it's plausible that there might not be a management server, and SmartDashboard might not be an option.

0 Kudos
Lee_Doran
Explorer

1200R firewall

0 Kudos
Lee_Doran
Explorer

Hello Ahmed,

smart dashboard --not sure what that is. It is a locally managed firewall

haven't done a management server yet.

0 Kudos
PhoneBoy
Admin
Admin

In the future, please post queries about the 1200R in the SMB and SMP‌ space so you are provided the most relevant help.

The CLI command to show NAT rules is show nat-rules

Once you figure out what position the erroneous NAT rule is in, you can use delete nat-rule position X to remove the erroneous rule.

See also: Check Point 600/700/1100/1200R/1400 Appliance R77.20.80 Technical Reference Guide 

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events