Skip to main content
dlodovici
dlodovici
New Member
February 17, 2017
Question

Forward traffic log question

  • February 17, 2017
  • 1 reply
  • 7780 views

Hi,

 

I have a FortiGate 3040B (v5.2) connected via an IPsec VPN tunnel to a FortiGate 60D (v5.4) installed on a remote site.

On the FortiGate 3040B, in the "Traffic log" -> "Forword Traffic", I don't have any log about DNS. If I put the IP address of the DHCP and DNS server in the Source IP and the IP address of a PC behind the Fortigate 60D in the Destination address, I look only DHCP packets.

 

Someone could explain me why ?

 

Thank you

    1 reply

    vivianwu_FTNT
    Staff
    vivianwu_FTNT
    Staff
    February 17, 2017

    do you mean no dns related traffic log if put filter on source ip address using both dhcp and dns servers ip? 

     

    did you filter on GUI or cli? 

     

     

    dlodovici
    dlodoviciAuthor
    New Member
    February 20, 2017

    Yes, the DHCP and DNS services are on the same server, so the same IP.

    On the FortiGate 3040B I can see DHCP packets in both directions, but DNS packets only in ingress.

     

    I filter in GUI and I have the same results with a syslog server

     

     

    Thank you

    MikePruett
    MikePruett
    New Member
    February 20, 2017

    Are you only logging UTM events on your policies or are you logging all sessions?

    Terms & ConditionsAccessibility statement