Message meets Alert condition - traffic

Forum|Forum|6 years ago
December 11, 2019
1 reply
3810 views

hi all

need help, what is this message try to tell me:

date=2019-12-11 time=14:35:47 devname=MJR-IGP01 devid=FG100Dxxxxxxx logid=xxxxxxxxx type=traffic subtype=forward level=notice vd=root srcip=172.xx.xx.xxx srcport=42512 srcintf="VLAN1610" dstip=192.xxx.xxx.x dstport=53 dstintf="lan" sessionid=4252030 proto=17 action=deny policyid=0 policytype=policy dstcountry="Reserved" srccountry="Reserved" trandisp=noop service="DNS" duration=0 sentbyte=0 rcvdbyte=0 sentpkt=0 appcat="unscanned" crscore=30 craction=131072 crlevel=high

thank you in advance

lobstercreed

New Member

You don't have a policy allowing this traffic as it is hitting your default (implicit) deny policy. If you want it to be allowed you need to create an appropriate policy with a source interface of VLAN1610, destination interface of your LAN, and service of DNS.

nicky_aditeraAuthor

New Member

Hi lobstercreed

Thank you for your reply, if I don't have a policy allowing this traffic, will it causing the internet connection issue?

thank you

lobstercreed

New Member

I can't begin to give a definite answer to that as I have no idea what the layout of your network is or what DNS servers your clients are using, but of course blocking valid DNS traffic will cause any affected users to perceive that they "don't have internet" because they can't resolve hostnames like www.google.com etc, etc.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded