[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index] [FW-1] Difference between fetch and push
Hello, I noticed something today that I never noticed before. I had to reboot a firewall and when the firewall came back up I was on the console and did a "fw fetch" to get the latest policy from the Management server, which happens to be a Provider-1 CMA. All appeared ok, I even did a fw stat after the fact to see that it got the proper policy. However, one of the rules was not working the way we expected. I had made a change maybe an hour before to this particular rule, I included the VRRP pair (of which the firewall I rebooted was a member of) in the Install On colomn. Prior to this change the rule did not do what we wanted, it was just something I had to tweak. So while running on the secondary after I fixed the rule, everything worked fine. But it appeared that when I did a fetch from the newly restored master firewall it did not get that Install On change. When I returned to my desk and pushed the policy out to the newly restored Firewall the rule worked perfectly. Is there a difference between what happens in a fetch and what happens when a policy is pushed? Mike =============================================== To unsubscribe from this mailing list, please see the instructions at http://www.checkpoint.com/services/mailing.html ===============================================
|