Troubleshooting FortiGate using CLI

First check if and how traffic enters the device. Use the filter option.

Make sure traffic offloading to the NP is disabled for the policy in question (remove this command when done):

config firewall policy
   edit <policyID>
      set auto-asic-offload disable
   next
end

Using the FortiOS packet sniffer

Assigned Internet Protocol numbers

Then check the flow through the firewall and find out the policy ID.

Using debug flow

Find the system session and PolicyID

session info: proto=1 proto_state=00 duration=96 <snip>
misc=0 policy_id=3 auth_info=0 chk_client_info=0 vd=0
total session 2

Then use show firewall policy <id> to list the policy used for the traffic:

FGT60ELexThuis # show firewall policy 3
config firewall policy
edit 3
set name "Lex"
set uuid d42a3556-cb66-51e7-e20b-6be8577def0b
set srcintf "internal"
set dstintf "wan1"
set srcaddr "Lex zolder" "Laptop Lex" "PC Huiskamer"
set dstaddr "all"
set action accept
set schedule "always"
set service "ALL"
set utm-status enable
set logtraffic all
set av-profile "Quick block"
set ips-sensor "protect_client"
set application-list "block-botnet-monitor"
set profile-protocol-options "custom-default"
set ssl-ssh-profile "certificate-inspection"
set nat enable
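
The steps above as one CLI session, added here as an example and not taken from the original page. The client address 192.0.2.10 is a placeholder, proto 1 (ICMP) and policy 3 match the sample output above, and lines starting with # are annotations, not commands.

```fortios
# 1. Does the traffic arrive, and on which interface?
#    Verbosity 4 prints the interface name; stop after 10 packets.
diagnose sniffer packet any 'host 192.0.2.10 and icmp' 4 10

# 2. Trace how the firewall handles it; the trace output names the matched policy.
diagnose debug reset
diagnose debug flow filter clear
diagnose debug flow filter addr 192.0.2.10
diagnose debug flow filter proto 1
diagnose debug flow show function-name enable
diagnose debug flow trace start 10
diagnose debug enable

# ... reproduce the traffic, then stop tracing so the console stays usable.
diagnose debug flow trace stop
diagnose debug disable
diagnose debug reset

# 3. Find the session entry and read policy_id from it.
diagnose sys session filter clear
diagnose sys session filter src 192.0.2.10
diagnose sys session filter proto 1
diagnose sys session list

# 4. List the policy (3 in the sample output).
show firewall policy 3

# 5. When done, turn NP offloading back on for that policy.
config firewall policy
   edit 3
      set auto-asic-offload enable
   next
end
```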
