Umesh
Contributor

IP is not being blocked in policy

Hi there,

I have blocked one IP from outside to LAN. There are no hits showing on the policy, but the malicious IPs are being dropped under the Intrusion Prevention System.

The question is why?

Before malicious IPs enter from WAN to LAN, the IP must be blocked if I have created a policy to block it.

Thank you in advance for an early response.

srajeswaran
Staff

Can you share the event log for the same?

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

joshep1
New Contributor

You can use the 'Policy Lookup' tool under 'Firewall Policy' as well. It will tell you what policy your traffic is matching.

Toshi_Esumi
Esteemed Contributor III

If you're using a VIP to allow out to in, you need to set "set match-vip enable" on the deny policy.
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Firewall-does-not-block-incoming-WAN-to-LA...

Toshi

hbac
Staff

Hi @Umesh,

Agreed with Toshi. Alternatively, you need to create a local-in policy to block traffic from WAN to LAN. Please refer to https://docs.fortinet.com/document/fortigate/7.4.1/administration-guide/363127/local-in-policy

Regards,
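As an added example (not posted in this thread and not Fortinet's own documentation), here is the FortiOS CLI form of the two suggestions above: a WAN-to-LAN deny policy with match-vip enabled, and a local-in policy. The interface names wan1 and internal, the address object name, and the source address 203.0.113.10 are assumptions; substitute your own.

```text
# Added example: FortiOS CLI for the two fixes discussed in this thread.
# Interface names (wan1, internal), the address object name and the
# source address 203.0.113.10 are assumptions, not values from the thread.

# 1. Address object for the source IP to block (constructed sample value)
config firewall address
    edit "blocked-src-ip"
        set subnet 203.0.113.10 255.255.255.255
    next
end

# 2. Deny policy for WAN -> LAN. A deny policy is not matched against traffic
#    that was DNAT'ed by a VIP unless "match-vip" is enabled or the VIP object
#    itself is the dstaddr, which is why the block can show zero hits while the
#    session is still allowed through (and later caught only by IPS).
config firewall policy
    edit 0
        set name "deny-blocked-ip-to-lan"
        set srcintf "wan1"
        set dstintf "internal"
        set srcaddr "blocked-src-ip"
        set dstaddr "all"
        set action deny
        set schedule "always"
        set service "ALL"
        set match-vip enable
        set logtraffic all
    next
end
# Policies are evaluated top-down: move the deny policy above the VIP allow
# policy, otherwise it is never reached.
#   config firewall policy
#       move <deny-policy-id> before <allow-policy-id>
#   end

# 3. Local-in policy. This governs traffic addressed to the FortiGate itself
#    (management, VPN, etc.), evaluated before the regular firewall policies.
config firewall local-in-policy
    edit 0
        set intf "wan1"
        set srcaddr "blocked-src-ip"
        set dstaddr "all"
        set action deny
        set service "ALL"
        set schedule "always"
    next
end
```

After applying, the Policy Lookup tool mentioned earlier in the thread, or the forward traffic log filtered on the source address, confirms which policy the session now matches.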
