Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
cybernet2025
New Contributor III

Threat id 131072

I've seen the log message like this.
Technical Tip: Threat 131072 is seen in logs when ... - Fortinet Community

I don't know what should I do next.
Could you please explain it for me?

7 REPLIES 7
gfleming
Staff
Staff

Do you have UTM enabled on the policy where these logs are originating from? If not its just the log messages stating a firewall connection was blocked due to policy.

Cheers,
Graham
cybernet2025

Hi Graham
Yes, I do I've enabled UT on the policy. What should I do next? Skip this message or other solutions.

srajeswaran

Can you validate the denied traffic is expected to be denied? If so, we can just ignore this as a normal traffic deny log.

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
cybernet2025

Hi 
Please find attached the details below.
I think it's a ms teams session but I don't know is it important?

cybernet2025_1-1676961299430.png

 



cybernet2025_0-1676961045652.png

 

srajeswaran
Staff
Staff

As per the log, the policy ID is "0", which is the default deny policy and it won't have UTM. Can you check the actual policy created between the source and destination interface and see if MS-Teams is allowed in that policy?

 

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
cybernet2025

only allowed for 80 and 443 services. 

gfleming

There's your answer! If you're only allowing port 80 and 443, anything else will be blocked. Your logs above are showing port 3478 is being blocked.

 

So either allow it or don't but if you don't you will see those log messages.

Cheers,
Graham
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors