2 FGT 100D + FTK200
3 FGT 60E FAZ VM some FAP 210B/221C/223C/321C/421E
PCNSE
NSE
StrongSwan
Denied by forward host policy checkGood so now you know for sure and don' t have to guess Are you 100% on the firewal policy for that interfaces? The messages typically means; you firewall policy ordering is wrong? Your policy is missing? What I would do is to go into the WebGUI, filter on SRC interfaces LAN ( assuming that is the interface that' s having problems ) and then DST interface vlan3 ( once again assuming that' s the destination ) and just scan thru your firewall policies. One of those policies should match your traffic if correct. Let us know what you find and I will repeat myself ; diag debug flow is your best friend
PCNSE
NSE
StrongSwan
PCNSE
NSE
StrongSwan
User | Count |
---|---|
983 | |
818 | |
446 | |
440 | |
130 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.