Dear All,

I have migrated a CP4200 R77.30 to a CP6200 R81.10, all migration steps and checks were 100% successful.

• All objects and rules were migrated correctly.
• Two interfaces: eth1 (used for Internal) and mgmt (used for External/Internet).
• IP's, DNS, masks, etc --> All rebuilt the same.

However, when migrating the physical cables, there's no connectivity of any type: no internet, nothing passes through the firewall.

Also, when the security profile (policy) is applied in the appliance, the WebUI and SSH access to the appliance are no longer accessible.

• I remove the profile via fw unloadlocal and then the connectivity to the WebUI and SSH works again.
• I checked for potential blocking rules, but can't see to find one.

Question 1: What Am I doing wrong? What have I missed? May be the routing table is broken? But why the policy blocks the SSH and WebUI then?

Question 2: How can I see in the CLI what rule blocked the traffic? Best tool to open and read the blocking logs?

I have to work on the CLI at the moment, via the LOM interface, because otherwise I need to disconnect the old production firewall to plug the new one in order to access it via SmartConsole.

So any blocked log locations, log reading/parsing tools, and CLI commands to see what happened would be appreciated 😀.

Regards,

/JE