Created on 03-23-2009 08:21 AM
Description | How to log traffic violation on the Virtual IP. |
Components |
|
Steps or Commands | To log traffic violation on the Virtual IP (VIP), you have to use a clean-up DENY rule in the end of the firewall policy list, with the destination address as the VIP. Using "all" instead of VIP, no log will be shown. The following is a sample CLI configuration. Config firewall vip edit "MY_VIP" set extip 192.168.1.1 set extintf "external" set mappedip 10.0.0.1 next end Config firewall policy edit 1 set srcintf "external" set dstintf "internal" set srcaddr "all" set dstaddr "My_VIP" set schedule "always" set service "ANY" set logtraffic enable next end |
Related Articles
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.