Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

LAN to DMZ policy

i have a LAN to DMZ policy to allow LAN traffic.

but we noticed that there are some traffic that are drop or deny due to threat

what does threat 262144 means ??

New Contributor

any one encounter the same issue b4 ?

application = unknown

category = unscanned

protocol = tcp

Action = Deny:IP connection error


level = low

threat level = low

threat score 5



Hi Kinmun,

I'm not sure about the threat part, it could be IPS / IDS or AV that's screwing your connection.

about the IP connection error;

This is probably due to the destination not reacting in time, hence the error. the server does not respond or isn't able to connect in time ( time-out ).

I'v seen it before with HP switches, it turned out that there was a high collision rate on the switch ( in other words, the switch was at max capacity of throughput and therefor started dropping packets ).

you can read more about the IP connection error here : I would suggest checking the whole path for throughput, and maybe run a sniffer on the fortigate to see what happens with the packet ( syn and ack should come along ).

Good luck!


the connection is clear after my colleague re-install the zabbix agent on the server.

no more connection error.

issue is at the server.