Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
anjali
New Contributor II

Regarding device action in fortigate logs

Hi all,

Can anybody tell what are the different device actions in fortigate logs and when these actions occur?

Also, what is the difference between device action block, blocked and deny and also between accept and pass?

What is the meaning of device action client-rst and server-rst?

 

2 REPLIES 2
Vichu_94
Staff
Staff

 Hi Anjali

Please find the difference between allow, pass, and exempt in UTM feature with the link below:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-Details-about-quot-pass-quot-and-quot-exem...


As far as the client rst and server rst are tcp reset packet sent by the client or server to close the connection 

Regards

Vishal P
anjali
New Contributor II

Hi Vishal,

Thank you so much for your reply.

I got the difference between exempt and pass from the link you provided. But no information on accept.

And also, what is the difference between block, blocked and deny?

And about client-rst and server-rst, if the action is client or server-rst, does that mean the event is allowed by the fortigate and the connection is established?

Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors