Dear All,
I have migrated a CP4200 R77.30 to a CP6200 R81.10, all migration steps and checks were 100% successful.
- All objects and rules were migrated correctly.
- Two interfaces: eth1 (used for Internal) and mgmt (used for External/Internet).
- IP's, DNS, masks, etc --> All rebuilt the same.
However, when migrating the physical cables, there's no connectivity of any type: no internet, nothing passes through the firewall.
Also, when the security profile (policy) is applied in the appliance, the WebUI and SSH access to the appliance are no longer accessible.
- I remove the profile via fw unloadlocal and then the connectivity to the WebUI and SSH works again.
- I checked for potential blocking rules, but can't see to find one.
Question 1: What Am I doing wrong? What have I missed? May be the routing table is broken? But why the policy blocks the SSH and WebUI then?
Question 2: How can I see in the CLI what rule blocked the traffic? Best tool to open and read the blocking logs?
I have to work on the CLI at the moment, via the LOM interface, because otherwise I need to disconnect the old production firewall to plug the new one in order to access it via SmartConsole.
So any blocked log locations, log reading/parsing tools, and CLI commands to see what happened would be appreciated 😀.
Regards,
/JE
/Jesus ESCOLAR