Verify Access is Controlled by the 1st Floor ISFW Firewall

From the client computer, try accessing FortiAnalyzer (10.100.88.2) on the browser. The page cannot be loaded.

Try to browse to a Job Search website. The page is blocked by FortiGuard web filtering.

Try to browse to a news website. The page is allowed.

From the 1st Floor FortiGate, view the Forward Traffic log from Log & Report, or retrieve the logs from the CLI.

# execute log filter device 0
# execute log filter field srcip 10.100.91.100
# execute log filter field srcthreatfeed g-FSM_Threat_Feed
# execute log filter field utmaction block
# execute log display
827: date=2023-05-25 time=19:50:07 eventtime=1685044207397973276 tz="+0000" logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" srcip=10.100.91.100 srcname="TAMIGERBER" srcport=1962 srcintf="port3" srcintfrole="lan" dstip=162.159.129.67 dstport=443 dstintf="port1" dstintfrole="wan" srcuuid="3fce57a6-fa91-51ed-87dc-0bf9d8ae8bdb" dstuuid="c935b9d6-f94b-51ed-e21f-70dcd8bb79b3" srcthreatfeed="g-FSM_Threat_Feed" srccountry="Reserved" dstcountry="United States" sessionid=955945 proto=6 action="close" policyid=16 policytype="policy" poluuid="8c5f6c5c-fb33-51ed-b1bb-0ffd30cba894" policyname="restrictive-Internet-Access" service="HTTPS" trandisp="noop" duration=3 sentbyte=1051 rcvdbyte=3242 sentpkt=12 rcvdpkt=9 appcat="unscanned" utmaction="block" countweb=1 osname="Windows" srcswversion="8.1" mastersrcmac="02:09:0f:00:09:01" srcmac="02:09:0f:00:09:01" srcserver=0 utmref=65309-3798

# execute log filter reset
# execute log filter device 0
# execute log filter field srcip 10.100.91.100
# exec log filter field dstip 10.100.88.2
# exec log display
1: date=2023-05-25 time=19:48:44 eventtime=1685044125006495125 tz="+0000" logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" srcip=10.100.91.100 srcname="TAMIGERBER" srcport=1926 srcintf="port3" srcintfrole="lan" dstip=10.100.88.2 dstport=443 dstintf="port1" dstintfrole="wan" srcuuid="3fce57a6-fa91-51ed-87dc-0bf9d8ae8bdb" dstuuid="c4a972da-fb31-51ed-fb05-6e32c1f14616" srcthreatfeed="g-FSM_Threat_Feed" srccountry="Reserved" dstcountry="Reserved" sessionid=955622 proto=6 action="deny" policyid=15 policytype="policy" poluuid="16755c78-fb32-51ed-bd1b-29207f60dd4c" policyname="DENY-FabricDevices-Access" service="HTTPS" trandisp="noop" duration=0 sentbyte=0 rcvdbyte=0 sentpkt=0 rcvdpkt=0 appcat="unscanned" crscore=30 craction=131072 crlevel="high" osname="Windows" srcswversion="8.1" mastersrcmac="02:09:0f:00:09:01" srcmac="02:09:0f:00:09:01" srcserver=0