Enable logging an all rules and check the log in the "Log & Report"
section. for all allowed traffic you see the corresponding rule id.
Double check, if you have no allow police above this rule.Otherwise use
the debug commands:diag debug enable diag ...
Hi @Anatoli Try to find your issue with the following debug commandsdiag
debug enable diag debug application ike -1The output should you help to
identify the reason for that. Also check the routing table. Do you see
the needed routing entries:get rou...
It depends what do you want to achive. For outgoing traffic you need a
S-NAT Rule:- Create Policy and select your IP-Pool object- this rule
handle outgoing and incoming packets for a session initiate from inside
For incoming traffic you need another ...
Hi @AdrianR Your Rule block any connections comming from your selected
country to any hosts behind the "lan"-Switch. I'm not sure, what exectly
you would like to achive. Because this rule only helps if you have any
VIP-Rules below that rule. If you h...
Hi Try to check the traffic with "debug flow": diag debug enable diag
debug flow filter addr diag debug flow trace start 10
With the debug output ou are able to double check witch rule is applied
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.