How to verify the correct firewall policy is being used

How to verify the correct firewall policy is being used

If you have more than one firewall policy, use the count column to check which policy is being used, the count must show traffic increasing. To do so, go to Policy & Objects > Policy page.

Also debuging the packet flow in the CLI shows the policy id allowing the traffic.

 

Sample output:

id=13 trace_id=1 func=fw_forward_handler line=650 msg=”Allowed by Policy-14: SNAT”

For more information on debuging the packet flow, see How to debug the packet flow.

Leave a Reply

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.