Hi all,
Can anybody tell what are the different device actions in fortigate logs and when these actions occur?
Also, what is the difference between device action block, blocked and deny and also between accept and pass?
What is the meaning of device action client-rst and server-rst?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi Anjali
Please find the difference between allow, pass, and exempt in UTM feature with the link below:
https://community.fortinet.com/t5/FortiGate/Technical-Tip-Details-about-quot-pass-quot-and-quot-exem...
As far as the client rst and server rst are tcp reset packet sent by the client or server to close the connection
Regards
Hi Vishal,
Thank you so much for your reply.
I got the difference between exempt and pass from the link you provided. But no information on accept.
And also, what is the difference between block, blocked and deny?
And about client-rst and server-rst, if the action is client or server-rst, does that mean the event is allowed by the fortigate and the connection is established?
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1717 | |
1093 | |
752 | |
447 | |
234 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.