Firewall LEARN rule

Forum|Forum|9 years ago
October 31, 2016
1 reply
8157 views

Hi folks,

does anybody know how much time/traffic needs LEARN rule to actually show anything in the Log? I have it set up for 5 days and 30GB of traffic went through but still don't see any result.

5.4

emnoc

New Member

Qs:

What do you mean by learn rule? have you conduct any "diag debug flow" commands to validate that traffic is actually hit that rule that you suspect?

Robert_CernyAuthor

New Member

LEARN rule is the new thing in FortiOS 5.4.1. You have another fw rule to ACCEPT and DENY named LEARN, which checks packets and according to docs after some time shows its results in Log & Report pane.

[link]https://www.youtube.com/watch?v=LI3bW2eO-ck[/link]

MikePruett

New Member

Emnoc is right. Can you verify that traffic is truly hitting this policy? Chances are it needs to be higher up on the policy set as an existing policy may be letting the traffic traverse before it gets down to the learn rule you created.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded