Skip to main content
Dave_S
Dave_S
New Member
November 5, 2024
Question

[NFR] Block Report

  • November 5, 2024
  • 2 replies
  • 1000 views

There are so many policies and profiles that can result in traffic being blocked, it can be difficult to analyze all the logs to determine why.  I would suggest adding a "Block Report" to a FortiGate and/or FortiAnalyzer that focuses on giving an administrator a quick diagnosis of why a packet, application or connection it's being blocked.  It might be similar to the "Local Traffic" log, but provides more details about why traffic was dropped.

2 replies

dbhavsar
Staff
dbhavsar
Staff
November 5, 2024

Hello @Dave_S ,

 

I would suggest to reach out to your SE for any NFR requests.

AEK
SuperUser
AEK
SuperUser
November 5, 2024

I think it is already here.

In traffic log, when you double-click on the line of a blocked traffic it will show in the right panel which policy has blocked the traffic. And also in UTM logs (App, SSL, IPS and so), you can see more information when you double-click on the log entry.

On the other hand, further information can be seen with debug command (diag debug flow ...)

AEK
Terms & ConditionsAccessibility statement