PDA

View Full Version : Install an 'accept all' policy on the firewall module



Barry J. Stiefel
2005-08-13, 16:30
Install an 'accept all' policy on the firewall module



If you tried to install the policy from the management console and failed, log onto the console of 'gateway' and do a:

fw fetch control

If that fails, try the following:


Logon to the console of "gateway"


IMPORTANT: You are about to uninstall the security policy. This will probably stop existing connections through the firewall (depending on whether or not you allow FireWall-1 to control IP Forwarding) and will also expose your firewall to potential attack.


Unload the existing security policy: fw unload localhost



From "control", load a new security policy: fw load policy.pf gateway


-- GuyR (http://www.phoneboy.com/bin/view.pl/Main/GuyR) - 11 Jan 2004

FAQForm (http://www.phoneboy.com/bin/view.pl/FAQs/FAQForm) FAQs.Class: RemoteManagementFAQs (http://www.phoneboy.com/bin/view.pl/FAQs/RemoteManagementFAQs) FAQs.OS: FAQs.Version: