Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
anandhubs
New Contributor II

Created on ‎04-18-2023 06:04 AM

Command

How to find which policy is used for a specific traffic( from a particular source to particular destination.) using cli

Labels:
512
0 Kudos
1 Solution
knagaraju
Staff
Staff

Created on ‎04-18-2023 11:17 PM

Hello anandhubs,

Below is the command to check policy lookup from cli


diagnose firewall iprope lookup <src ip> <src port> <dst ip> <dst port> <protocol> <device>

For example
diagnose firewall iprope lookup 192.168.1.1 123 8.8.8.8 443 6 port4


Please let me know if you any additional queries.

View solution in original post

479
2 REPLIES 2
gfleming
Staff
Staff

Created on ‎04-18-2023 09:19 PM

I don't believe there is a way to do this using CLI. You can use grep to filter your config output but that's about it AFAIK

Cheers,
Graham
487
0 Kudos
knagaraju
Staff
Staff

Created on ‎04-18-2023 11:17 PM

Hello anandhubs,

Below is the command to check policy lookup from cli


diagnose firewall iprope lookup <src ip> <src port> <dst ip> <dst port> <protocol> <device>

For example
diagnose firewall iprope lookup 192.168.1.1 123 8.8.8.8 443 6 port4


Please let me know if you any additional queries.

480
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.