I’ve been assisting a customer with a problem with a new CheckPoint 2200 series appliance. The new gateway was successfully deployed and Locally Managed (gateway and management) with a basic firewall rule-set configured. The rule-set was pushed and developed over the course of the day but a subsequent policy pushed would result in the error “Installation Failed. Load on Module failed – failed to load Security Policy”.
Various troubleshooting was performed but when the command “fw fetch localhost” was run, the error returned revealed the exact cause of the issue.
The appliance was standalone and NOT a member of a cluster, the license file although correct for the mac address of the appliance was for “High Availabiliy”. Checking on the usercenter revealed the gateway was actually purchased as an HA appliance, hence the problem. Thankfully we had a spare appliance not licensed for HA