After you change or update the Security policy, you can use fwm load
command to push the configuration to the Security Gateways. This command validates the policy and makes sure that rules agree with each other.
In this example, the fwm load
command successfully pushes the policy (Standard
) to the Security Gateway (samplegw
).
# fwm load Standard samplegw Installing policy on R77 compatible targets: Standard.W: Security Policy Script generated into CustomerPolicy.pf Standard: Compiled OK. Installing Security Gateway policy on: examplegw ... Security Gateway policy installed successfully on examplegw... Security Gateway policy installation complete Security Gateway policy installation succeeded for: examplegw |
If the policy did not install successfully, the output of the fwm load
command shows an error message. The Security Gateway continues to enforce the policy that was installed before you ran the script.
To install the policy for a Domain Management Server, run the necessary Multi-Domain Server CLI commands. You can run them individually or as part of a script.
This sample script installs the Standard
policy from Domain Management Server Cust_CMA
on the Security Gateway examplegw
.
mdsenv Cust_CMA dbedit –globallock -s Cust_CMA -u admin -p admin -f dbedit_createpolicy_objects.txt fwm load Standard examplegw |