Fortinet black logo

Handbook

Specifying logging types

6.0.0
Copy Link
Copy Doc ID 4afb0436-a998-11e9-81a4-00505692583a:145996
Download PDF

You can configure the unit to log GTP packets based on their status with GTP traffic logging.

The status of a GTP packet can be any of the following 5 states:

  • Forwarded - a packet that the unit transmits because the GTP policy allows it
  • Prohibited - a packet that the unit drops because the GTP policy denies it
  • Rate-limited - a packet that the unit drops because it exceeds the maximum rate limit of the destination GSN
  • State-invalid - a packet that the unit drops because it failed stateful inspection
  • Tunnel-limited - a packet that the unit drops because the maximum limit of GTP tunnels for the destination GSN is reached.

The following information is contained in each log entry:

  • Timestamp
  • Source IP address
  • Destination IP address
  • Tunnel Identifier (TID) or Tunnel Endpoint Identifier (TEID)
  • Message type
  • Packet status: forwarded, prohibited, state-invalid, rate-limited, or tunnel-limited
  • Virtual domain ID or name
  • Reason to be denied if applicable.

You can configure the unit to log GTP packets based on their status with GTP traffic logging.

The status of a GTP packet can be any of the following 5 states:

  • Forwarded - a packet that the unit transmits because the GTP policy allows it
  • Prohibited - a packet that the unit drops because the GTP policy denies it
  • Rate-limited - a packet that the unit drops because it exceeds the maximum rate limit of the destination GSN
  • State-invalid - a packet that the unit drops because it failed stateful inspection
  • Tunnel-limited - a packet that the unit drops because the maximum limit of GTP tunnels for the destination GSN is reached.

The following information is contained in each log entry:

  • Timestamp
  • Source IP address
  • Destination IP address
  • Tunnel Identifier (TID) or Tunnel Endpoint Identifier (TEID)
  • Message type
  • Packet status: forwarded, prohibited, state-invalid, rate-limited, or tunnel-limited
  • Virtual domain ID or name
  • Reason to be denied if applicable.