Hello everyone,
I'm using a forti #100E 7.2.5 and I'm having problems with a rule (port X to WAN)
I have allowed all traffic from a specific address. In the logs I see that the traffic is authorized, I send data but I receive nothing.
I haven't seen anything specific in the implicit rules and I have the impression that this problem occurred with version 7.2.5.
Are you experiencing this type of problem?
Could you give me some advice?
Many thanks
Sincerely
Sébastien
Solved! Go to Solution.
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello Sébastien!!!
IMHO:
Did you check you are natting what is going to the port X to WAN?
Maybe you can post a debug output to know what is happening, in the case this is an issue in the Fortigate.
In this case, you could enable ping in firewall rules, execute the following commands in the fortigate unit and execute a ping in a computer or whatever:
diagnose debug flow filter clear
diagnose debug reset
diagnose debug flow filter addr x.x.x.x y.y.y.y and
diagnose debug flow filter proto 1
diagnose debug flow show function-name enable
diagnose debug flow trace start 10000
diagnose debug enable
Note: x.x.x.x and y.y.y.y are the source and destination addresses
Regards,
Damián
Hello Damian
Thanks for your feedback.
I managed to unblock the situation, there was a rule blocking the reception.
Thanks again
Sincerely
Hello Sébastien!!!
IMHO:
Did you check you are natting what is going to the port X to WAN?
Maybe you can post a debug output to know what is happening, in the case this is an issue in the Fortigate.
In this case, you could enable ping in firewall rules, execute the following commands in the fortigate unit and execute a ping in a computer or whatever:
diagnose debug flow filter clear
diagnose debug reset
diagnose debug flow filter addr x.x.x.x y.y.y.y and
diagnose debug flow filter proto 1
diagnose debug flow show function-name enable
diagnose debug flow trace start 10000
diagnose debug enable
Note: x.x.x.x and y.y.y.y are the source and destination addresses
Regards,
Damián
Hello Damian
Thanks for your feedback.
I managed to unblock the situation, there was a rule blocking the reception.
Thanks again
Sincerely
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1662 | |
1077 | |
752 | |
446 | |
220 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.