Why is the firewall rule not working?

jskryja · ‎07-25-2023

Hello, I am trying to connect to following website using port 2443, and I do not understand why it is not working. Do you have any idea please? On screens is everything (log and firewall rule). Thank you for any help, I do not understand it. It says block by policy 0 (which is default). I have another exception with port 2443 and it is working fine, don't know what is different here. It is Proxy Based.

log:

firewall rule:

fw rule.png

Kush_Patel · ‎07-25-2023

Does this user falls into the group mentioned in the source of the policy ? You can also check if FQDN is resolving as expected by running following command on CLI :

# diagnose firewall fqdn list

jskryja · ‎07-25-2023

Hello, I came back after aleep and now it is working. How much time does it need to procees Proxy Based settings?

VinayHM · ‎07-25-2023

Hi @jskryja

If it blocked by policy 0, we need to check is the FQDN are getting resolved or not.

Please refer to the below article when fqdns are not getting resolved to troubleshoot.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-FQDN-based-firewall-policies-are-not-worki...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-FQDN-Wildcard-addresses-not-working-when-u...

Regards,

Vinay HM

jskryja · ‎07-25-2023

As I said, after sleep it stars working, so maybe it was not resolved. I don't have any other idea what could be wrong.

Why is the firewall rule not working?

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website