jskryja
New Contributor II

Why is the firewall rule not working?

Hello, I am trying to connect to the following website using port 2443, and I do not understand why it is not working. Do you have any idea, please? Everything is in the screenshots (log and firewall rule). Thank you for any help, I do not understand it. It says blocked by policy 0 (which is the default). I have another exception with port 2443 and it is working fine; I don't know what is different here. It is Proxy Based.

log:

log.png

firewall rule:

fw rule.png

4 REPLIES
Kush_Patel
Staff

Does this user fall into the group mentioned in the source of the policy? You can also check if the FQDN is resolving as expected by running the following command on the CLI:

 

# diagnose firewall fqdn list
jskryja
New Contributor II

Hello, I came back after sleep and now it is working. How much time does it need to process Proxy Based settings?

succesful.png

VinayHM
Staff

Hi @jskryja 

 

If it is blocked by policy 0, we need to check whether the FQDNs are getting resolved or not.

 

Please refer to the articles below to troubleshoot when FQDNs are not getting resolved.

https://community.fortinet.com/t5/FortiGate/Technical-Tip-FQDN-based-firewall-policies-are-not-worki...
https://community.fortinet.com/t5/FortiGate/Technical-Tip-FQDN-Wildcard-addresses-not-working-when-u...

 

Regards,

Vinay HM
jskryja
New Contributor II

As I said, after sleep it starts working, so maybe it was not resolved. I don't have any other idea what could be wrong.
