How to verify the correct firewall policy is being used
If you have more than one firewall policy, use the count column to check which policy is being used, the count must show traffic increasing. To do so, go to Policy & Objects > Policy page.
Also debuging the packet flow in the CLI shows the policy id allowing the traffic.
Sample output:
id=13 trace_id=1 func=fw_forward_handler line=650 msg=”Allowed by Policy-14: SNAT”
For more information on debuging the packet flow, see How to debug the packet flow.
Having trouble configuring your Fortinet hardware or have some questions you need answered? Check Out The Fortinet Guru Youtube Channel! Want someone else to deal with it for you? Get some consulting from Fortinet GURU!