Hello ya'lll.I'm having an issue, and I have no doubt I'm missing
something simple, but try as I might I can't figure it out. I'm setting
up some Policies for "bypass" to allow servers to get out to the
Internet for updates for certain products, and ...
Thanks for the assist!Indeed, I only have a single "deny" rule for each
"zone to zone" policy, and that is at the very bottom.I don't use URL
filtering currently. Essentially, all of the "NGFW" features of this box
are effectively "off". It's just ac...
Thanks for the reply! I'm using FQDN and wildcard specification for
this.Specific to "chocolately.org", the FG is saying "unresolved FQDN".
However, we have this same problem on many, many other domains, that do
resolve the wildcard addresses.Example...
nothing helpful. "Policy violation"Again, the frustrating thing is that
both the SRC and DST ips/FQND's have a policy to ALLOW the very traffic
that's being blocked. I don't understand how they're slipping through
the respective "allow" policies. -jb
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.