Help
FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
darisandy
Staff
Staff

Created on ‎02-09-2025 11:55 PM

Article Id 375578

Troubleshooting Tip: Firewall Policy 0 Bytes Count after Upgrade on FortiGate-7000F Series

Description This article describes how to troubleshoot if the firewall policy is not showing byte counts after the FortiOS upgrade.
Scope FortiGate-7000F Series v7.4.5.
Solution

After an upgrade to v7.4.5, the firewall policy shows 0-byte counts on the column even though traffic is passing normally.

 

The default option for CSF seems to change after the upgrade:

 

get sys csf 

status : enable
upstream :
source-ip : 0.0.0.0
upstream-interface-select-method: auto
upstream-port : 8013
group-name : SLBC
group-password : *
accept-auth-by-cert : enable
log-unification : disable
authorization-request-type: serial
fabric-workers : 2
downstream-access : disable
legacy-authentication: disable <-----
configuration-sync : local
fabric-object-unification: default
trusted-list:
forticloud-account-enforcement: enable
file-mgmt : enable
file-quota : 268435456
file-quota-warning : 90

 

Change the option to enable. The FortiGate will be able to consolidate the traffic volume from all the modules.

 

config system csf
    set legacy-authentication enable
end

 

After the change, the firewall policy should be able to show the byte count.
153
0 Kudos
Suggest New Article
Article Feedback
Contributors
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.