Hi
Could someone help me please to identify the problem?
I don't know why this traffic is blocked, and it affects our ADSync Server online synchronization.
First remove the web filter from the policy to see if it starts working in the first place. Based on the policy view there is no web filter applied at this time. Just to make sure.
If it still fails, there is no point troubleshooting anything on the web filter since it has no direct effect. The traffic is blocked BEFORE the web filter is applied.
When the traffic is working fine, then apply the web filter etc. to the traffic. You will also need at minimum certificate inspection, or better deep inspection, as the FortiGate can only block what it can read. Encrypted traffic cannot be read.
Next, your initial screenshot shows a different source interface (port1 vs port2). See if that is the pattern in the failure.
Check if the interface group/zone called "outside" contains both port1 and port2 - I would suspect that is not the case, based on the logs.
Best regards,
Markus
He is getting "implicit deny" as one of the first repliers already wrote.
This means that traffic did not hit ANY policy but policy #0 ("implicit deny") and thus got denied.
So it is of no use to try to disable filters on policies because they are not hit.
I would suggest to check why this traffic doesn't hit any policy.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
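The two replies above point at the same check: an "implicit deny" (policy ID 0) means no policy matched, and the interface pair in the log is the usual reason. The script below is an added example, not code from the thread or from Fortinet, that triages FortiGate-style key=value traffic logs for implicit denies, groups them by (srcintf, dstintf), and reports which interface is not a member of any configured zone. The log lines are constructed for the example; the field names srcintf, dstintf, policyid and action are the standard FortiOS traffic-log fields, while the addresses, interface numbers and the ZONES mapping (port2 deliberately missing from "outside") are assumptions.

```python
import re
from collections import Counter

# Constructed sample lines in the FortiGate key=value traffic-log style.
# They are illustrative, not the thread's actual logs: the field names
# srcintf/dstintf/policyid/action are the standard FortiOS traffic-log
# fields, the addresses and interface numbers are made up.
SAMPLE_LOGS = [
    'date=2023-05-02 time=00:58:10 type="traffic" subtype="forward" srcip=10.0.1.20 srcport=51234 srcintf="port3" dstip=40.126.31.5 dstport=443 dstintf="port1" policyid=7 action="accept" service="HTTPS"',
    'date=2023-05-02 time=00:58:12 type="traffic" subtype="forward" srcip=10.0.1.20 srcport=51240 srcintf="port3" dstip=40.126.31.5 dstport=443 dstintf="port2" policyid=0 action="deny" service="HTTPS"',
    'date=2023-05-02 time=00:58:15 type="traffic" subtype="forward" srcip=10.0.1.20 srcport=51241 srcintf="port3" dstip=40.126.31.6 dstport=443 dstintf="port2" policyid=0 action="deny" service="HTTPS"',
    'date=2023-05-02 time=00:58:20 type="traffic" subtype="forward" srcip=10.0.1.21 srcport=40000 srcintf="port3" dstip=40.126.31.5 dstport=443 dstintf="port1" policyid=7 action="accept" service="HTTPS"',
]

# Assumed zone membership for the example: "outside" holds only port1, so a
# flow routed out of port2 cannot match a policy whose dstintf is "outside".
ZONES = {"inside": {"port3"}, "outside": {"port1"}}

# key=value pairs; values are either double-quoted or bare tokens.
FIELD_RE = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')


def parse_line(line):
    """Turn one key=value log line into a dict (quoted and bare values)."""
    return {
        m.group(1): m.group(2) if m.group(2) is not None else m.group(3)
        for m in FIELD_RE.finditer(line)
    }


def is_implicit_deny(entry):
    """Policy ID 0 with action deny is the FortiGate implicit-deny hit."""
    return entry.get("policyid") == "0" and entry.get("action") == "deny"


def zone_of(intf, zones):
    """Name of the zone containing intf, or None if it is in no zone."""
    for name, members in zones.items():
        if intf in members:
            return name
    return None


def triage(lines, zones):
    """Group implicit denies by interface pair and flag interfaces outside every zone.

    Returns a list of findings, most frequent pair first, each with the
    (srcintf, dstintf) pair, the hit count, and the interfaces of that pair
    that belong to no configured zone (the likely reason no policy matched).
    """
    denies = [e for e in map(parse_line, lines) if is_implicit_deny(e)]
    pairs = Counter((e["srcintf"], e["dstintf"]) for e in denies)
    findings = []
    for (src, dst), count in pairs.most_common():
        missing = [i for i in (src, dst) if zone_of(i, zones) is None]
        findings.append({
            "srcintf": src,
            "dstintf": dst,
            "count": count,
            "not_in_any_zone": missing,
        })
    return findings


if __name__ == "__main__":
    for finding in triage(SAMPLE_LOGS, ZONES):
        print(finding)
```

With the assumed zone table the only implicit-deny pair is port3 to port2, and port2 is reported as belonging to no zone, which is exactly the "is port2 in the outside zone?" question raised above. On the unit itself the same answer comes from `diagnose debug flow` with a filter on the ADSync server's address, which prints the interface pair and the policy ID (0 for implicit deny) for each new session.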
Created on 05-02-2023 12:58 AM Edited on 05-02-2023 12:59 AM
Hi @msanjaypadma
Thanks for caring. I tried to bypass the firewall and found that the traffic failure still exists,
so the FortiGate is not responsible for the failure.
Thanks
Copyright 2024 Fortinet, Inc. All Rights Reserved.