Support Center > Search Results > SecureKnowledge Details
Policy installation / fetch fails on Centrally Managed 1100 appliance due to insufficient disk space on /fwtmp partition Technical Level
Symptoms
  • Policy fetch fails on Centrally Managed 1100 appliance:

    [Expert@1100_Appliance]# fw fetch
    Fetching Security Policy From: Name_of_Management_Server
    
    Fetching Security Policy Succeeded.
    
    Installing Security Policy...
    gunzip: write: No space left on device
    gunzip: error inflating
    [ PID ...]@1100_Appliance[Date Time]
    sfw_load: Error loading security policy
    
    Error loading policy.
    sfw_fetch_callback: Failed to execute command '"/opt/fw1/bin/fw" fetchlocal -d "/opt/fw1/state/__tmp/FW1"'. rc=1, exit code =-1
    Unable to install the Security Policy on the appliance
    
  • The following errors appear in SmartDashboard while installing policy on Centrally Managed 1100 appliance:

    • Installation failed. Reason: Failed to load Policy on Security Gateway
    • Installation failed. Reason: Failed to execute policy install commit function
    • Load on Module failed - problem with the Commit Function
    • Load on module failed - not enough disc space
  • Disabling IPS blade, Application Control blade, URL Filtering blade in 1100 appliance object resolves the issue.

Cause

The policy file local.set.gz contains a large number of IPS Protections (even if the IPS Blade is disabled on this 1100 appliance) / Application Control and URL Filtering signatures.

The /fwtmp partition on an 1100 appliance is set to a size of 40MB, which is not enough for the operation to complete successfully in this specific scenario.


Solution
Note: To view this solution you need to Sign In .