Hello,
I am doing some labs using Fortigate 201E.
By troubleshooting, I found out that there were many logs in policy 0, deny any any (the bottom line of policy).
Details showed it is "Threat 131072, threat score 30". The concerned protocols were HTTPS, Ping.
In order to get more details, I inserted the 1st line "permit any any" so all traffic should match this line, I am sure.
But strangely, there were still some logs in policy 0 saying threat.
I am very confused of this behavior because, as far as I understand, all traffic should pass over the first line of policy without going down to the last line policy 0.
anyone know the root cause? Your replies are very appreciated.
what are the source and destination interface for the policy you created?
Hello,
I found out the issue. Because I used redundant interface as source. Instead I should use vlan inside this interface.
After my correction on the concerned policy rules, traffic passes as I expected. The ping didn't work I don't know why. but most important is wanted traffic goes through.
Thank you.
Since there were logs in implicit deny, I guess the first rule (permit all/any) doesn't contain all services.
I'd like to know what are the services/ports it contains.
Does "ALL" mean only ports tcp/udp 1-65535 and ICMP? anything else?
About the ICMP issue, the error showed icmp 0/8. What is this?
ALL means all, so all protocols and if relevant all ports for that protocol.
ICMP 0/8 is one type of ICMP packet, specially Echo Request commonly ping, for more information look at: https://en.wikipedia.org/...ntrol_Message_Protocol
Hi Boneyard,
Thank you very much for your quicke replies.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.