Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
kinmun
New Contributor

LAN to DMZ policy

i have a LAN to DMZ policy to allow LAN traffic.

but we noticed that there are some traffic that are drop or deny due to threat

what does threat 262144 means ??

3 REPLIES 3
kinmun
New Contributor

any one encounter the same issue b4 ?

application = unknown

category = unscanned

protocol = tcp

Action = Deny:IP connection error

security

level = low

threat level = low

threat score 5

 

Neophron

Hi Kinmun,

I'm not sure about the threat part, it could be IPS / IDS or AV that's screwing your connection.

about the IP connection error;

This is probably due to the destination not reacting in time, hence the error. the server does not respond or isn't able to connect in time ( time-out ).

I'v seen it before with HP switches, it turned out that there was a high collision rate on the switch ( in other words, the switch was at max capacity of throughput and therefor started dropping packets ).

you can read more about the IP connection error here : http://kb.fortinet.com/kb/documentLink.do?externalID=FD39321 I would suggest checking the whole path for throughput, and maybe run a sniffer on the fortigate to see what happens with the packet ( syn and ack should come along ).

Good luck!

kinmun

the connection is clear after my colleague re-install the zabbix agent on the server.

no more connection error.

issue is at the server.