How to enable a "Log violation traffic" in DENY policy

fortinetforumfiokom · ‎05-07-2024

Hi,

I created a DENY policy (see. picture below). I tried to enable log violation traffic, but after click OK, and than reedit the policy it is switched off again. This is a normal behaviour?

ebilcari · ‎05-07-2024

This issue is already reported and affects the 7.4 firmware branch. It is already fixed and will be included in future releases (#985419). It is classified only as a GUI issue, if logging is enabled through CLI it will log the traffic.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

View solution in original post

ebilcari · ‎05-07-2024

This issue is already reported and affects the 7.4 firmware branch. It is already fixed and will be included in future releases (#985419). It is classified only as a GUI issue, if logging is enabled through CLI it will log the traffic.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

fortinetforumfiokom · ‎05-07-2024

Attention!
You have to be careful that if you reopen the rule for editing in the GUI and even if you don't change anything, you have to set the Log violation traffic switch again each time, because if you don't, the log will be turned off automaticly on exit.

ebilcari · ‎05-07-2024

Thanks for sharing your findings. It seems that each time the policy configurations are saved from GUI, it is wrongly interpreted like the option is unselected and will remove the line from the configuration file.

- Emirjon
If you have found a solution, please like and accept it to make it easily accessible for others.

Ashishdeep · ‎05-07-2024

Was this issue occurred in the previous version before moving to 7.4.3 ?

fortinetforumfiokom · ‎05-07-2024

I hadn't noticed this bug before.