Troubleshooting Fortigate using CLI

First check if and how traffic enters the device. Use the filter option.

Using the FortiOSĀ  packet sniffer

Assgined Internet Protocol numbers

Then check the flow through the firewall and find out the policy id

Using debug flow

Find the system session and PolicyID

session info: proto=1 proto_state=00 duration=96 <snip>
misc=0 policy_id=3 auth_info=0 chk_client_info=0 vd=0
<snip>
total session 2

Then useĀ  show firewall policy <id> to list the policy used for the traffic:

FGT60ELexThuis # show firewall policy 3
config firewall policy
edit 3
set name "Lex"
set uuid d42a3556-cb66-51e7-e20b-6be8577def0b
set srcintf "internal"
set dstintf "wan1"
set srcaddr "Lex zolder" "Laptop Lex" "PC Huiskamer"
set dstaddr "all"
set action accept
set schedule "always"
set service "ALL"
set utm-status enable
set logtraffic all
set av-profile "Quick block"
set ips-sensor "protect_client"
set application-list "block-botnet-monitor"
set profile-protocol-options "custom-default"
set ssl-ssh-profile "certificate-inspection"
set nat enable
next
end

 

 

 

Hits: 38