Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Abdal_opr
New Contributor

FortiManager Issues

FortiManager Version: 7.2.4, FortiGate Version: 7.0.13


Hello,


We encountered issues with FortiManager 7.2.4, so we decided to perform a fresh setup, but unfortunately, the problems persist.


The Logs Filter is not functioning correctly, consistently displaying "No logs found." Additionally, we are unable to activate or view logs for the default deny policy.


Within the logs, we observed an unknown interface for certain policies. Although template groups are present, there is no visible content. Despite a background loading process, nothing is displayed, and it remains grayed out!

 

What could be the underlying problem?


Thanks for helping!

 

1 Solution
vraev
Staff
Staff

Hi @Abdal_opr ,
About the Implicit deny will be resolved in 7.2.5 but you could try the following as workaround:
Create a script with the following config and execute on the respective policy package:
config policy package setting
set fwpolicy-implicit-log enable
end


V.R.

View solution in original post

4 REPLIES 4
vraev
Staff
Staff

Hi @Abdal_opr ,

 

Please provide a screenshot for better understanding (capture the whole page, pls).

 

Best,

V.R.
Abdal_opr

Hi @vraev 

 

When I set the timer to 12 hours, it works, but when I set it to 1 hour, it doesn't work and keeps loading:

logsFilter_last_1_hourlogsFilter_last_1_hourI am unable to locate any logs from the default deny policy. When attempting to activate it and clicking on "Log IPv4 Violation Traffic," nothing happens, and it consistently displays "No Log":

defaultDenyPolicy_noLogsNoActivationdefaultDenyPolicy_noLogsNoActivationWe also have numerous template groups. However, when I click on "Template Groups," nothing happens, and it remains grayed out:

templateGroups_noContenttemplateGroups_noContent

For some policies, I observe "unknown-0" as the source interface and the FortiGate's own IP as the source IP. Nevertheless, there are no routing, IPsec, or interface issues despite these configurations:

sourceInterface_unknown-0sourceInterface_unknown-0

 

Thanks for helping!

vraev
Staff
Staff

Hi @Abdal_opr ,
About the Implicit deny will be resolved in 7.2.5 but you could try the following as workaround:
Create a script with the following config and execute on the respective policy package:
config policy package setting
set fwpolicy-implicit-log enable
end


V.R.
vraev
Staff
Staff

For the other issues I would suggest to open a ticket with the SN of the FMG.

 

Best,

V.R.
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors