You modified kernel parameters and after rebooting the gateway, a lot of production traffic gets dropped and the gateway acts strangely What should you do"?
A.
Run command fw ctl set int fw1_kernel_all_disable=1
B.
Restore fwkem.conf from backup and reboot the gateway
C.
run fw unloadlocal to remove parameters from kernel
D.
Remove all kernel parameters from fwkem.conf and reboot
If you have modified kernel parameters (infwkern.conf, for example) and the gateway starts dropping traffic or behaving abnormally after a reboot, the best practice is to restore the original or a known-good configuration from backup. Then, reboot again so that the gateway loads the last known stable settings.
Option A(fw ctl set int fw1_kernel_all_disable=1) is not a standard or documented method for “undoing” all kernel tweaks.
Option B(Restore fwkem.conf from backup and reboot the gateway) is the correct and straightforward approach.
Option C(fw unloadlocal) removes the local policy but does not revert custom kernel parameters that have already been loaded at boot.
Option D(Remove all kernel parameters from fwkem.conf and reboot) might help in some cases, but you risk losing other beneficial or necessary parameters if there were legitimate custom settings. Restoring from a known-good backup is safer and more precise.
Hence, the best answer:
“Restore fwkem.conf from backup and reboot the gateway.”
Check Point Troubleshooting References
sk98339– Working with fwkern.conf (kernel parameters) in Gaia OS.
sk92739– Advanced System Tuning in Gaia OS.
Check Point Gaia Administration Guide– Section on kernel parameters and system tuning.
Check Point CLI Reference Guide– Explanation of using fw ctl, fw unloadlocal, and relevant troubleshooting commands.
Contribute your Thoughts:
Chosen Answer:
This is a voting comment (?). You can switch to a simple comment. It is better to Upvote an existing comment if you don't have anything to add.
Submit