Search

	display results
words begin exact words any words part

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [FW-1] Difference between fetch and push

To: [email protected]
Subject: Re: [FW-1] Difference between fetch and push
From: Juan Concepcion <[email protected]>
Date: Sat, 13 Oct 2001 21:54:04 -0400
Importance: Normal
In-reply-to: <[email protected]>
Reply-to: Mailing list for discussion of Firewall-1 <[email protected]>
Sender: Mailing list for discussion of Firewall-1 <[email protected]>

All depends in a fetch, if you haven't saved your changes, the firewall will
not pick-up the changes you've made to the policy and will only enforce what
was there before.  In a push the rules and changes are automatically saved
before any attempt is made to push out to the firewalls.  I find it strange
that one firewall picked up your change and the other didn't but that's
basically the difference between a push/fetch.


-----Original Message-----
From: Mailing list for discussion of Firewall-1
[mailto:[email protected]]On Behalf Of mikecc
Sent: Friday, October 12, 2001 4:48 PM
To: [email protected]
Subject: [FW-1] Difference between fetch and push

Hello,

I noticed something today that I never noticed before.  I had to
reboot a firewall and when the firewall came back up I was on the
console and did a "fw fetch" to get the latest policy from the Management
server, which happens to be a Provider-1 CMA.

All appeared ok, I even did a fw stat after the fact to see that
it got the proper policy.

However, one of the rules was not working the way we expected.  I
had made a change maybe an hour before to this particular rule, I
included the VRRP pair (of which the firewall I rebooted was a member
of) in the Install On colomn.  Prior to this change the rule did
not do what we wanted, it was just something I had to tweak.

So while running on the secondary after I fixed the rule, everything
worked fine.  But it appeared that when I did a fetch from the newly
restored master firewall it did not get that Install On change.

When I returned to my desk and pushed the policy out to the newly
restored Firewall the rule worked perfectly.

Is there a difference between what happens in a fetch and what happens
when a policy is pushed?

Mike

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

===============================================
To unsubscribe from this mailing list,
please see the instructions at
http://www.checkpoint.com/services/mailing.html
===============================================

References:
- [FW-1] Difference between fetch and push
  - From: mikecc <[email protected]>

Prev by Date: Re: [FW-1] [FW1] Nokia: Should I buy IP530 or IP650
Next by Date: Re: [FW-1] Time Synchronization
Previous by thread: [FW-1] Difference between fetch and push
Next by thread: Re: [FW-1] Difference between fetch and push
Index(es):
- Date
- Thread