KPS
New Member
August 20, 2018
Question

Forward Log shows "not allowed"


Hi!

 

I am trying to filter the forward log, but it does not work as it should (in my mind).

 

Log-Filter: "Result: Deny (All)" shows: No matching entries found

Log-Filter: "Action: Deny: policy violation" is showing the logs

 

Can you give me a hint on how to show all the logs of connections which are not allowed?

 

--> Tested on a FG200E with software version 5.6.5

 

Thank you

Regards,

KPS

1 reply

emnoc
New Member
August 20, 2018

Not allowed by implicit deny is typically not logged. First, you need to enable logging on the policies of interest, regardless of whether it's allow or deny.

 

 

config firewall policy
    edit 777
        set log-forward-traffic enable
end

 

Next, for logging implicit deny, you need to enable that.

 

config log setting
    set fwpolicy-implicit-log enable
end

 

Keep in mind that if you're logging to memory, syslog, disk, etc., you just threw more load and wasted disk space/memory usage, and the logs will roll more often.

 

Ken

 

KPS
Author
New Member
August 20, 2018

Hi!

 

The sessions are logged! I can see them with the filter:

Policy violation

 

My problem is that the filter "Result: Deny (All)" does not match the sessions...
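
Added example, not part of the thread or any poster's code: when the forward logs are also sent to syslog, denied sessions can be selected outside the GUI filter by parsing the exported lines. It assumes FortiOS key=value log lines carrying the fields type, subtype, action and policyid, and that policy ID 0 marks the implicit deny; the sample lines are constructed.

```python
import re

# Constructed sample lines in FortiOS key=value style (not taken from the thread).
SAMPLE = """\
date=2018-08-20 time=10:01:02 type="traffic" subtype="forward" srcip=10.0.0.5 dstip=198.51.100.7 dstport=443 policyid=12 action="accept" msg="test action=deny inside quotes"
date=2018-08-20 time=10:01:05 type="traffic" subtype="forward" srcip=10.0.0.9 dstip=198.51.100.7 dstport=23 policyid=777 action="deny"
date=2018-08-20 time=10:01:09 type="traffic" subtype="forward" srcip=10.0.0.9 dstip=203.0.113.4 dstport=445 policyid=0 action="deny"
date=2018-08-20 time=10:01:11 type="traffic" subtype="local" srcip=10.0.0.9 dstip=10.0.0.1 dstport=22 policyid=0 action="deny"
"""

# A key, then either a quoted value (taken whole) or an unquoted token.
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse(line):
    """Split one log line into a dict of field name -> value."""
    return {key: (quoted if bare == "" else bare)
            for key, quoted, bare in FIELD.findall(line)}


def denied_forward(lines):
    """Return denied forward-traffic sessions, tagging implicit-deny hits."""
    hits = []
    for line in lines:
        f = parse(line)
        # Match on parsed fields, so text inside a quoted value cannot
        # produce a false hit the way a plain substring search would.
        if (f.get("type"), f.get("subtype"), f.get("action")) != (
                "traffic", "forward", "deny"):
            continue
        # Assumption: policy ID 0 is the implicit deny at the end of the list.
        kind = "implicit" if f.get("policyid") == "0" else "explicit"
        hits.append((f.get("srcip"), f.get("dstip"), f.get("dstport"),
                     f.get("policyid"), kind))
    return hits


if __name__ == "__main__":
    for hit in denied_forward(SAMPLE.splitlines()):
        print(hit)
```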