1: Craft a policy with a deny and log traffic all, re-order it to the bottom of the sequence, set the src/dst as ALL/ANY for address and interfaces, then set "set logtraffic all" with the action as deny.
config firewall policy
    edit 0
        set dstintf "any"
        set srcintf "wan1"
        set srcaddr "all"
        set dstaddr "all"
        set action deny
        set schedule "always"
        set service "ALL"
        set logtraffic all
        set comment "set this seq# as the lowest"
    next
end
2: Use the log sys command to "LOG" all denies via the CLI
FGT100DSOCPUPPETCENTRO (setting) # show full-configuration | grep fwpo
set fwpolicy-implicit-log disable
set fwpolicy6-implicit-log disable
NOTE: none of these should be required, IMHO and in my experience, and they can craft a lot of "white noise". Here's why: logging dropped traffic wastes 1> resources 2> disk/log 3> if syslog is used... excessive network chatter
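To confirm that either option above is actually producing deny records, the exported traffic log can be filtered offline. The script below is an added example, not part of the original post or Fortinet's tooling: it assumes the usual FortiOS key=value log layout with the fields type, action, srcintf and policyid. The sample lines and policy ID 99 are constructed, and policy ID 0 is taken to be the implicit deny.

```python
import re
from collections import Counter

# key=value pairs; a value is either double-quoted or a bare token
_PAIR = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')

def parse_line(line):
    """Turn one key=value log line into a dict of strings."""
    return {key: quoted or bare for key, quoted, bare in _PAIR.findall(line)}

def denied_from(lines, srcintf="wan1"):
    """Return traffic-log records denied on ingress from srcintf."""
    hits = []
    for line in lines:
        rec = parse_line(line)
        if (rec.get("type") == "traffic"
                and rec.get("action") == "deny"
                and rec.get("srcintf") == srcintf):
            hits.append(rec)
    return hits

def summarize(records):
    """Count denies per policy ID (assumption: 0 is the implicit deny)."""
    return Counter(int(r.get("policyid", -1)) for r in records)

# Constructed sample lines, not captured from a real device
SAMPLE = [
    'date=2024-01-01 time=10:00:01 type="traffic" subtype="forward" '
    'srcip=198.51.100.7 srcintf="wan1" dstip=192.168.1.10 '
    'dstintf="internal" dstport=3389 policyid=99 action="deny"',
    'date=2024-01-01 time=10:00:02 type="traffic" subtype="forward" '
    'srcip=203.0.113.5 srcintf="wan1" dstip=192.168.1.20 '
    'dstintf="internal" dstport=23 policyid=0 action="deny"',
    'date=2024-01-01 time=10:00:03 type="traffic" subtype="forward" '
    'srcip=192.168.1.10 srcintf="internal" dstip=203.0.113.9 '
    'dstintf="wan1" dstport=443 policyid=1 action="accept"',
    'date=2024-01-01 time=10:00:04 type="traffic" subtype="local" '
    'srcip=203.0.113.5 srcintf="wan1" dstip=198.51.100.1 '
    'dstintf="root" dstport=22 policyid=0 action="deny"',
    'date=2024-01-01 time=10:00:05 type="event" subtype="system" '
    'action="deny" msg="constructed event, srcintf=wan1 inside text"',
]

if __name__ == "__main__":
    for policy, count in sorted(summarize(denied_from(SAMPLE)).items()):
        print(f"policyid={policy} denies from wan1: {count}")
```

An empty result on a real export means no deny records were written for that interface at all, which separates a logging problem from a filtering or display problem.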
OK, so I have tried all the ideas in this post and I still get no output?????? This does not make sense to me. All I want to see is the blocking or dropping from WAN-1 to Internal to make sure the firewall is doing what it is supposed to do.