This website uses cookies. By clicking OK, you consent to the use of cookies. Click Here to learn more about how we use cookies.
OK
ABOUT CHECKMATES & FAQ
Create a Post
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
Help
HeikoAnkenbrand
Champion
Champion
‎2019-04-04 10:14 AM

R80.x - Debug policy installation on gateway

Jump to solution

There is a simple way to debug the policy installation on a gateway.

1) Log on to the management server

2) Opens the expert mode

# expert

3) Staret the debug into a text file

# export INTERNAL_POLICY_LOADING=1
# fwm -d load <POLICY> <GATEWAY> &> test.txt

4) Now you can analyze the installation issue in the textfile text.txt. Now it takes a bit of experience to find the issue.

(view in My Videos)
  

 

Reply
1 Solution

Accepted Solutions
HeikoAnkenbrand
Champion
Champion
‎2019-04-05 08:57 AM
In response to James_Hawkins

Jump to solution

Add  this to a file for example to installpolicy.sh.

# vi /home/admin/installpolicy.sh

export INTERNAL_POLICY_LOADING=1
fwm load <POLICY> <GATEWAY> 

Now set +x to this file:

# chmod +x installpolicy.sh

Now set this file as cronjob!

 

 

View solution in original post

Reply
6 Replies
PhoneBoy
Admin
Admin
‎2019-04-04 04:08 PM

Jump to solution
One extra step to debug policy loading from the CLI now...
Reply
James_Hawkins
Participant
‎2019-04-05 06:02 AM

Jump to solution

It is very interesting that you can install the policy via CLI.

We have many firewalls in Australia and the policy installation takes a long time.

Then I can perform the installation at night script controlled.

 

 

Reply
HeikoAnkenbrand
Champion
Champion
‎2019-04-05 08:49 AM
In response to James_Hawkins

Jump to solution

Hi @James_Hawkins 

Yes it is possible. I use this to install policys in China every night via cronjob.

Regards

Heiko

 

 

Reply
HeikoAnkenbrand
Champion
Champion
‎2019-04-05 08:57 AM
In response to James_Hawkins

Jump to solution

Add  this to a file for example to installpolicy.sh.

# vi /home/admin/installpolicy.sh

export INTERNAL_POLICY_LOADING=1
fwm load <POLICY> <GATEWAY> 

Now set +x to this file:

# chmod +x installpolicy.sh

Now set this file as cronjob!

 

 

View solution in original post

Reply
James_Hawkins
Participant
‎2019-04-05 09:01 AM
In response to HeikoAnkenbrand

Jump to solution

THX

James

0 Kudos
Reply
Eddie_Kalbert
Employee
Employee
‎2019-04-08 08:23 AM
In response to James_Hawkins

Jump to solution

Additional way to run policy installation automatically is by running from the gateway:

fw fetch local

The gateway will then fetch the last policy that was installed from the mgmt.

Working from clish as well as from expert mode.

Reply