FireWall-1 FAQ: Failed to Load Security Policy: No such file or directory
Please note: This content was from when I was operating my FireWall-1 FAQ site, which I stopped operating in August 2005. For some reason people still have links to this stuff on the Internet that people are still clicking on.
I am making this information available again AS IS. Given how old this information is, it is likely wildly inaccurate. I have no plans to update this information.
If you're still running versions of Check Point VPN-1/FireWall-1 where this information is still relevant to you, do yourself a favor and upgrade to a more recent release. If you happen to be running a current release and the information is useful, it's by happenstance :)
Q:
I have a master/client set up. I am getting the following error message from both the master and client when starting FireWall-1. I get the same message when I tried to ‘fw fetch master’ from the client or ‘fw load policy.W client’ from the master:
Failed to Load Security Policy: No such file or directory
A:
In some cases, this is because you do not have the correct license installed. To verify the license key, on each machine:
fw printlic -k
Make sure that
- If you are using ‘eval’ license, that it has not expired.
- There is no entries with the word [Invalid] under the ‘Features’ column.
To re-set the license file on Solaris 2.x:
fwstop
rm /etc/fw/conf/fw.license
rem_drv fw
fw putlic ....
add_drv fw
fw printlic -k
For other platforms:
fwstop
rm /etc/fw/conf/fw.license
fw putlic ....
fw printlic -k
In other cases, this error has come up because your policy may contain a non-US ASCII character such as an umlaut in a comment. Another possible problem is that you’ve called your policy the same name as your firewall, which is a bad thing (Karim Ismael discovered this). Name your policy something else.
