Hi All,
Can anyone explain the meaning of the below message in policy lookup?
Policy lookup matches the implicit deny policy. No explicit policy exists from source interface "switch_port5" to destination interface "port1" as determined by a route lookup to "142.250.67.174"
Thanks
There is no policy configured that matched this traffic.
Hi,
Can you explain what the implicit deny policy and explicit policy are?
Hi @Umesh
The implicit deny policy is the "default policy" configured on the system by default. You cannot edit/modify this. This policy will drop the traffic that does not match any other policies configured by you/firewall-admin.
All the firewall policies that are configured by you/firewall-admin are called explicit policies, and they are placed above the implicit deny policy. Policy matching happens from top to bottom; in other words, the explicit policies are checked first, and if there is no match, traffic will hit the implicit deny policy at the bottom.
I hope this helps.
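
The lookup described in this thread, as an added example that is not part of the original posts and not Fortinet code: a route lookup picks the destination interface, explicit policies are checked top to bottom, and the implicit deny is the fallback. It is a simplified model that matches only on interfaces and addresses; the routes, the source address `10.0.5.20`, the `internal` interface and the policy entries are constructed sample values.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class Policy:
    policy_id: int
    srcintf: str
    dstintf: str
    srcaddr: str  # CIDR
    dstaddr: str  # CIDR
    action: str

# Fallback used when nothing matches; not part of the editable list (id 0 in this model).
IMPLICIT_DENY = Policy(0, "any", "any", "0.0.0.0/0", "0.0.0.0/0", "deny")

def route_lookup(routes, dst_ip):
    """Longest-prefix match; returns the egress interface or None."""
    dst = ipaddress.ip_address(dst_ip)
    hits = [(ipaddress.ip_network(p), intf) for p, intf in routes
            if dst in ipaddress.ip_network(p)]
    return max(hits, key=lambda h: h[0].prefixlen)[1] if hits else None

def policy_lookup(policies, routes, srcintf, src_ip, dst_ip):
    """Return (matched policy, destination interface) for one flow."""
    dstintf = route_lookup(routes, dst_ip)
    src, dst = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for p in policies:  # top to bottom, first match wins
        if (p.srcintf == srcintf and p.dstintf == dstintf
                and src in ipaddress.ip_network(p.srcaddr)
                and dst in ipaddress.ip_network(p.dstaddr)):
            return p, dstintf
    return IMPLICIT_DENY, dstintf

# Constructed sample data: default route via port1, one unrelated explicit policy.
ROUTES = [("0.0.0.0/0", "port1"), ("10.0.5.0/24", "switch_port5")]
POLICIES = [Policy(1, "internal", "port1", "10.0.1.0/24", "0.0.0.0/0", "accept")]

def demo():
    """Look up the flow before and after adding a switch_port5 -> port1 policy."""
    flow = ("switch_port5", "10.0.5.20", "142.250.67.174")
    before = policy_lookup(POLICIES, ROUTES, *flow)
    fixed = POLICIES + [Policy(2, "switch_port5", "port1",
                               "10.0.5.0/24", "0.0.0.0/0", "accept")]
    after = policy_lookup(fixed, ROUTES, *flow)
    return before, after

if __name__ == "__main__":
    for pol, intf in demo():
        print(f"dstintf={intf} policy={pol.policy_id} action={pol.action}")
```
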
Copyright 2024 Fortinet, Inc. All Rights Reserved.