Umesh
Explorer II
June 13, 2023
Question

FortiGate message || IPv4 policy lookup ||

  • June 13, 2023
  • 1 reply
  • 1455 views

Hi All,

Can anyone explain the meaning of the message below in policy lookup?

Policy lookup matches the implicit deny policy. No explicit policy exists from source interface "switch_port5" to destination interface "port1" as determined by a route lookup to "142.250.67.174"

Thanks

1 reply

adambomb1219
SuperUser
June 13, 2023

There is no policy configured that matched this traffic.

Umesh
Author
Explorer II
June 14, 2023

Hi,

Can you explain what the implicit deny policy and explicit policy are?

srajeswaran
Staff
June 14, 2023

Hi @Umesh 

The implicit deny policy is the "default policy" configured on the system by default. You cannot edit/modify this. This policy will drop the traffic that does not match any other policies configured by you/the firewall admin.

All the firewall policies that are configured by you/the firewall admin are called explicit policies, and they are placed above the implicit deny policy. Policy matching happens from top to bottom; in other words, the explicit policies are checked first, and if there is no match, traffic will hit the implicit deny policy at the bottom.


I hope this helps.
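The lookup described in this thread, as an added example that is not part of any post above and is not FortiOS code: a simplified Python model in which a route lookup picks the destination interface, explicit policies are checked top to bottom, and unmatched traffic falls to the implicit deny. The source address `192.168.5.10`, the routes, the policy IDs and the `internal`/`port2` interfaces are constructed for illustration; only `switch_port5`, `port1` and `142.250.67.174` come from the question.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Policy:
    id: int
    srcintf: str
    dstintf: str
    srcaddr: str  # CIDR
    dstaddr: str  # CIDR
    action: str   # "accept" or "deny"

# Always last, not editable; modelled here with ID 0.
IMPLICIT_DENY = Policy(0, "any", "any", "0.0.0.0/0", "0.0.0.0/0", "deny")

def route_lookup(routes, dst):
    """Longest-prefix match: egress interface for dst, or None if no route."""
    ip = ipaddress.ip_address(dst)
    hits = [(ipaddress.ip_network(p), intf) for p, intf in routes
            if ip in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def policy_lookup(policies, routes, srcintf, src, dst):
    """First match wins, top to bottom; no match means implicit deny."""
    dstintf = route_lookup(routes, dst)
    s, d = ipaddress.ip_address(src), ipaddress.ip_address(dst)
    for p in policies:
        if (p.srcintf == srcintf and p.dstintf == dstintf
                and s in ipaddress.ip_network(p.srcaddr)
                and d in ipaddress.ip_network(p.dstaddr)):
            return p, dstintf
    return IMPLICIT_DENY, dstintf

# Constructed sample data.
ROUTES = [("0.0.0.0/0", "port1"), ("10.0.0.0/8", "port2")]
POLICIES = [Policy(1, "internal", "port1", "10.1.0.0/16", "0.0.0.0/0", "accept")]
# Adding an explicit policy for the interface pair from the question.
FIXED = POLICIES + [Policy(2, "switch_port5", "port1",
                           "192.168.5.0/24", "0.0.0.0/0", "accept")]
# Order matters: an explicit deny placed above policy 2 is hit first.
BLOCKED = [Policy(3, "switch_port5", "port1", "192.168.5.0/24",
                  "142.250.0.0/15", "deny")] + FIXED

if __name__ == "__main__":
    for name, table in (("original", POLICIES), ("fixed", FIXED), ("blocked", BLOCKED)):
        p, intf = policy_lookup(table, ROUTES, "switch_port5",
                                "192.168.5.10", "142.250.67.174")
        print(f"{name}: switch_port5 -> {intf}: policy {p.id} ({p.action})")
```

With the original table the result is policy 0, which corresponds to the message in the question: no explicit policy exists for `switch_port5` to `port1`, so the traffic reaches the implicit deny.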