Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
Paul_S
Contributor

FGT60E 5.4.1 not showing forward traffic logs and forticloud issue

using standalone FG60E v5.4.1, logging to memory and forticloud (if I can get it working).

 

forward traffic logs are blank. I tried UTM events, all session and web profile "log-all-urls". log still blank.

 

also the forticloud test account button does not work and the account box is blank, but cannot be changed.

FG200D 5.6.5 (HA) - primary [size="1"]FWF50B' s 4.3.x, FG60D's 5.2.x, FG60E's 5.4.x                   [Did my post help you? Please rate my post.][/size] FAZ-VM 5.6.5  |  Fortimail 5.3.11 Network+, Security+

FG200D 5.6.5 (HA) - primary [size="1"]FWF50B' s 4.3.x, FG60D's 5.2.x, FG60E's 5.4.x [Did my post help you? Please rate my post.][/size] FAZ-VM 5.6.5 | Fortimail 5.3.11 Network+, Security+
1 Solution
Justfly
New Contributor II

Hi,

I had the same problem.

Use the following commands to show allowed traffic in memory log.

 

config log memory filter set severity information end

 

Regards,

Justfly

 

View solution in original post

18 REPLIES 18
awasfi_FTNT
Staff
Staff

Hello,

 

Check the following:

config  log  memory filter

get                               <<-- list all options

Make sure forward-traffic logs enabled. If not then:

set forward-traffic enable

end

 

The same for FortiCloud:

config  log  fortiguard filter

set forward-traffic enable

end

 

Enable "Log Allowed Traffic" and select "All Sessions" on the firewall policy.

 

Make sure you display logs from the correct location(GUI):

"Log & Report >> Log Settings >> GUI Preferences >> Memory/FortiCloud"

 

FortiCloud you need to register the account first before using it (It's different than the account used for support portal). Under "Dashboard >> License Information" locate FortiCloud and register it then it should be available.

 

Regards,

 

Paul_S

I will do this. I like the CLI, but many of my colleagues do not.

 

Is there a way in the GUI to do this?

FG200D 5.6.5 (HA) - primary [size="1"]FWF50B' s 4.3.x, FG60D's 5.2.x, FG60E's 5.4.x                   [Did my post help you? Please rate my post.][/size] FAZ-VM 5.6.5  |  Fortimail 5.3.11 Network+, Security+

FG200D 5.6.5 (HA) - primary [size="1"]FWF50B' s 4.3.x, FG60D's 5.2.x, FG60E's 5.4.x [Did my post help you? Please rate my post.][/size] FAZ-VM 5.6.5 | Fortimail 5.3.11 Network+, Security+
awasfi_FTNT

Hello,

 

Not every option available from CLI, however forward-traffic should be enabled by default.

It looks like the issue is the GUI location where you displaying the logs from.

 

Regards,

Jaywant
New Contributor II

Hello All,

 

I am also facing same issue but on FG60D and FG80C both has v5.4.1

Though policies got All traffic monitor and Log settings also has set forward-raffic enable

No logs under forward traffic logs.

 

It simply shows "No matching entries found." Though nothing has been filtered out...

 

Thanks

 

 

Thanks & Regards,
Jaywant

Thanks & Regards,Jaywant
fl0at0xff
New Contributor II

Hello. I have the same problem (or a similar one) with Fortigate 60D / E 5.4.1 and with FortiWifi 60E. I just have lan and WAN connected, one policy to allow LAN to WAN all traffic with Log All Session enable. My devices connected to LAN interfaces are able to surf on the internet (policy and default route created). This policy rules log all sessions. In the log settings, I log all that I want on the memory and I display log from memory. But when I want to see log, I just see Deny: IP Connection Error. I can't see allowed trafic and other potential deny. This is very strange because these log entries match my unique policy "LAN to WAN".

emnoc
Esteemed Contributor III

This might help, beneficial for forticloud diagnostics

 

 

http://socpuppet.blogspot.com/2014/07/how-to-diagnostic-forticloud-issues-52ga.html

 

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
Justfly
New Contributor II

Hi everybody,

 

I have the same issue (no log entry for forward traffic) as user  fl0at0xff .

We use a FortiWifi 60E (firmware 5.4.3)

 

Is there any solution for this problem?

 

Thanks a lot,

Justfly

boneyard
Valued Contributor

Justfly can you please start a new thread? there are already three totally different situations in this one and yours is different also, just because it is now about version 5.4.3.

 

so new thread and show related configuration (policies, log settings, ...), what you are exactly looking at (fortianalyzer, forticloud, fortigate, ..?) screenshot of what you do see.

 

 

ikovac

I have the same thing on FWF60C FortiOS ver 5.2.10. I guess FortiCloud service is not working properly. Here is what I have tried: https://forum.fortinet.com/FindPost/144556

 

For me it stopped working on 08.01.2017 at 18:05 CET

 

This is the result of the diag test that is not good: 

 

diag test application forticldd 3 Debug zone info:     Home log server: 0.0.0.0:0     Alt log server: 0.0.0.0:0     Active Server IP:      0.0.0.0     Active Server status:  unknown

 

Do you have the same result if you try this diag test?

Labels
Top Kudoed Authors