How to verify the correct firewall policy is being used

If you have more than one firewall policy, use the count column to check which policy is being used: the count for that policy must increase as traffic passes. To do so, go to the Policy & Objects > Policy page.

Debugging the packet flow in the CLI also shows the ID of the policy allowing the traffic.

Sample output:

id=13 trace_id=1 func=fw_forward_handler line=650 msg="Allowed by Policy-14: SNAT"

For more information on debugging the packet flow, see How to debug the packet flow.
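
To check many trace lines at once, the following added example (not part of the original page and not Fortinet tooling) parses saved debug output in the format of the sample line above and lists the traces that were not allowed by the policy you expected. The function names and every sample line other than the first are constructed for illustration.

```python
import re

# Field layout taken from the sample line on this page. The quotes around msg
# may be straight or typographic, depending on how the output was copied.
TRACE_RE = re.compile(
    r'trace_id=(?P<trace>\d+)\s+func=(?P<func>\S+)\s+line=(?P<line>\d+)\s+'
    r'msg=["\u201c\u201d](?P<msg>.*?)["\u201c\u201d]\s*$'
)
POLICY_RE = re.compile(r'Allowed by Policy-(?P<policy>\d+)')


def policies_by_trace(lines):
    """Map each trace_id to the policy ID that allowed it (None if no such line)."""
    result = {}
    for raw in lines:
        m = TRACE_RE.search(raw.strip())
        if not m:
            continue  # not a flow trace line
        trace = int(m.group("trace"))
        result.setdefault(trace, None)
        p = POLICY_RE.search(m.group("msg"))
        if p:
            result[trace] = int(p.group("policy"))
    return result


def mismatches(lines, expected_policy):
    """Return the trace_ids whose traffic was not allowed by expected_policy."""
    found = policies_by_trace(lines)
    return sorted(t for t, pol in found.items() if pol != expected_policy)


# Constructed sample input: line 1 is the page's sample, the rest are made up
# in the same format to show a different policy, a trace without a policy
# decision, and typographic quotes.
SAMPLE = [
    'id=13 trace_id=1 func=fw_forward_handler line=650 msg="Allowed by Policy-14: SNAT"',
    'id=13 trace_id=2 func=fw_forward_handler line=650 msg="Allowed by Policy-3: SNAT"',
    'id=13 trace_id=3 func=example_handler line=1 msg="constructed line, no policy decision"',
    'id=13 trace_id=4 func=fw_forward_handler line=650 msg=\u201dAllowed by Policy-14: SNAT\u201d',
]

if __name__ == "__main__":
    for trace, policy in policies_by_trace(SAMPLE).items():
        print(f"trace {trace}: policy {policy}")
    print("not allowed by policy 14:", mismatches(SAMPLE, 14))
```

A trace listed as a mismatch either matched a different policy than intended, which usually points to policy ordering, or produced no "Allowed by Policy" line at all.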

