Forward Log shows "not allowed"
Hi!
I am trying to filter the forward log, but it does not work as it should (in my mind).
Log-Filter: "Result: Deny (All)" shows: No matching entries found
Log-Filter: "Action: Deny: policy violation" is showing the logs
Can you give me a hint on how to show all the logs of connections which are not allowed?
--> Tested on a FG200E with software version 5.6.5
Thank you
Regards,
KPS
Traffic not allowed by the implicit deny is typically not logged. First, you need to enable logging on the policies of interest, regardless of whether they are allow or deny:
config firewall policy
edit 777
set log-forward-traffic enable
end
Next, for logging the implicit deny, you need to enable that:
config log setting
set fwpolicy-implicit-log en
end
Keep in mind that if you're logging to memory, syslog, disk, etc., you just added more load and wasted disk space/memory usage, and the logs will roll more often.
Ken
PCNSE
NSE
StrongSwan
Hi!
The sessions are logged! I can see them with the filter:
Policy violation
My problem is that the filter "Result: Deny (All)" does not match the sessions...
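
As an added example (not part of the original thread and not Fortinet code): one way to list denied forward sessions from exported log lines without relying on the GUI filter, separating denies from an explicit policy such as 777 from the implicit deny. The sample lines are constructed, and the field names (type, subtype, action, policyid) and the use of policy ID 0 for the implicit deny are assumptions about the export format.

```python
import shlex

# Constructed sample lines in key=value log style (not taken from the thread).
SAMPLE_LOG = '''\
date=2018-08-01 time=10:00:01 type="traffic" subtype="forward" srcip=10.0.0.5 dstip=192.0.2.10 dstport=443 policyid=12 action="accept"
date=2018-08-01 time=10:00:02 type="traffic" subtype="forward" srcip=10.0.0.7 dstip=192.0.2.20 dstport=23 policyid=777 action="deny"
date=2018-08-01 time=10:00:03 type="traffic" subtype="forward" srcip=10.0.0.9 dstip=198.51.100.4 dstport=445 policyid=0 action="deny"
date=2018-08-01 time=10:00:04 type="traffic" subtype="local" srcip=203.0.113.8 dstip=192.0.2.1 dstport=22 policyid=0 action="deny"
'''


def parse_line(line):
    """Split one key=value log line into a dict; quoted values may contain spaces."""
    fields = {}
    for token in shlex.split(line):
        key, sep, value = token.partition("=")
        if sep:
            fields[key] = value
    return fields


def denied_forward(log_text):
    """Return forward-traffic records whose action is deny, tagged by origin."""
    hits = []
    for line in log_text.splitlines():
        rec = parse_line(line)
        if rec.get("type") != "traffic" or rec.get("subtype") != "forward":
            continue  # skip local-in and non-traffic records
        if rec.get("action") != "deny":
            continue
        # Assumption: policy ID 0 marks the implicit deny rule.
        implicit = rec.get("policyid") == "0"
        rec["origin"] = "implicit-deny" if implicit else "explicit-policy"
        hits.append(rec)
    return hits


if __name__ == "__main__":
    for r in denied_forward(SAMPLE_LOG):
        print(r["time"], r["srcip"], "->", r["dstip"] + ":" + r["dstport"],
              "policy", r["policyid"], r["origin"])
```
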
