Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Florian_B
Participant

fwkern.conf modified at boot.

Hi, first time posting here. Apologies in advance for my limited english : )

 

So, we've been working with Checkpoint for years now, but since the 80.40 Jumbo 100 update applied a few days ago, the strangest bug happens.

 

At boot, the fwkern.conf file is being backup in a new file, copy_fwkern.conf, and a line added at the end of the custom fwkern.conf. But the addition is messed up, and If I reboot with this fwkern.conf, the gateway is stuck at loading.

So, I believe is was a problem due tu multiples updates on top of another. I re-done a gateway (we are in high availability cluster) from scratch, starting with the r80.40 iso, and then patching up to latest jumbo 100. No restore, no snapshot used. Same behaviour.

This is my fwkern.conf :

cphwd_nat_templates_support=1
cphwd_nat_templates_enabled=1
enhanced_ssl_inspection=0
bypass_on_enhanced_ssl_inspection=1
fwha_resend_arp_unicast=1
fwha_forw_packet_to_not_active=1
fwha_arp_forward_standby=1

 

after a reboot :

cphwd_nat_templates_support=1
cphwd_nat_templates_enabled=1
enhanced_ssl_inspection=0
bypass_on_enhanced_ssl_inspection=1
fwha_resend_arp_unicast=1
fwha_forw_packet_to_not_active=1
fwha_arp_forward_standby=1


nac_max_enforced_identities=90000

 

Doesn't matter if I put the file in read only, since it's regenerated at boot... Before opening a ticket, have you some stuff to look at ?

 

Thx 🙂

Florian -

 

 

 

 

 

0 Kudos
7 Replies
This widget could not be displayed.