log all "Allows" and all "Denies"

Forum|Forum|5 years ago
July 8, 2020
1 reply
2617 views

Hello everyone, The Firewall is a Fortigate 100E with Version 6.0.9 Build 0335 (GA).

Is there a possibility to see all "Allows" and all "Denies" with "diag sniffer packet"?

Or else with debug mode?

I know i can see all denies in syslog.

And i if enable "Log allowed traffic -> All Sessions" on a policy i can also see allowed traffic on syslog.

But sometimes i don't know on which policy i have to enable "All Sessions" and it would be helpful to see all "Allows" and "Denies" for example with debug or diag.

Best Regards,

Danfor

maick78

New Member

Hi danfor,

Yes, in debug mode you can see all traffic passthrough on the fortigate.

I recommend you implement a FortiAnalyzer.

-dwb

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded