Centrally Managing the Configuration File

If the configuration file on each Security Gateway is identical, you can manage one copy of the configuration file on the Security Management Server. This file is copied to the Security Gateways when you install the policy.

Important - You must use the newest configuration file installed on the Security Gateway for Remote Access Clients. If you do not install the newest configuration file on the Security Management Server, the server will have an outdated configuration file that does not support new features.

To centrally manage the configuration file on gateways:

1. On the Security Gateway, save a backup of the $FWDIR/conf/trac_client_1.ttm file.

   For CMA specific:

   1. On the MDS, run mdsenv CMA_NAME.

   2. Copy the $FWDIR/conf/trac_client_1.ttm file from the Security Gateway to the MDS's $FWDIR/conf/ directory in the CMA.

   3. Edit the $FWDIR/conf/fwrl.conf file on the Security Management Server in the CMA.

   For all MDS:

   1. Copy the $FWDIR/conf/trac_client_1.ttm file from the Security Gateway to the MDS's $MDS_FWDIR/conf/ directory.

   2. Edit the $MDS_FWDIR/conf/fwrl.conf file on the Security Management Server.

2. Find this section: % SEGMENT FILTERLOAD

3. In the NAME section, add this line:

   NAME = conf/trac_client_1.ttm; DST = conf/trac_client_1.ttm;

   This copies the trac_client_1.ttm file to the Remote Access clients Security Gateways each time you install the policy on them.

4. Save the file.

5. From the SmartConsole, install the policy on all gateways (policy acceleration must be canceled).

When clients download the new policy from the Security Gateway, configuration changes are applied.