Hello Administrators!!!
I recently observed behavior in the subject of this message.
Below is part of the traffic extracted with "diagnose sniffer packet command"
2.771287 31.13.71.48.3478 -> 10.1.XXX.XXX.62870: udp 68
2.771716 31.13.71.48.3478 -> 10.1.XXX.XXX.62870: udp 68
2.777748 31.13.67.51.3478 -> 10.1.XXX.XXX.62870: udp 68
2.778070 31.13.67.51.3478 -> 10.1.XXX.XXX.62870: udp 68
6.355758 10.1.XXX.XXX.62870 -> 177.195.98.XXX.56704: udp 44 (Drop, because matched in policy 0)
6.938413 10.1.XXX.XXX.62870 -> 177.195.98.XXX.56704: udp 44 (Drop, because matched in policy 0)
7.522756 10.1.XXX.XXX.62870 -> 177.195.98.XXX.56704: udp 44 (Drop, because matched in policy 0)
8.104866 10.1.XXX.XXX.62870 -> 177.195.98.XX.56704: udp 44 (Drop, because matched in policy 0)
177.195.98.X in this exemple, is the dinamic valid IP from Mobile Network connection on cell phone
Does anyone have any ideas about this behavior?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hello @silviogulbf ,
Seems like there is no matching policy from 10.1.XXX.XXX.62870 to 177.195.98.XXX.56704 for udp port 44.
Use the following command to trace a specific traffic on which firewall policy it will be matching
diag firewall iprope lookup <src_ip> <src_port> <dst_ip> <dst_port> <protocol> <Source interface>
BR
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1561 | |
1034 | |
749 | |
443 | |
210 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.