Verify Access to Critical Assets are Blocked
From the client computer, try accessing Web server 1 on the browser. The page cannot be loaded.
From the Enterprise Core FortiGate, view the Forward Traffic log from Log & Report, or retrieve the logs from the CLI.
# execute log filter device 1 # execute log filter field srcip 10.100.91.100 # execute log display 523 logs found. 10 logs returned. 2.0% of logs has been searched. 1: date=2023-05-25 time=07:45:16 eventtime=1685000716783695562 tz="+0000" logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" srcip=10.100.91.100 srcport=52937 srcintf="port3" srcintfrole="lan" dstip=10.100.88.201 dstport=443 dstintf="port2" dstintfrole="dmz" srcuuid="33be0c3e-fa84-51ed-ff7e-f46fdd152ee0" dstuuid="c0dc6c02-facd-51ed-7c87-bb67ad88b588" srcthreatfeed="FSM_Threat_Feed" srccountry="Reserved" dstcountry="Reserved" sessionid=2113273 proto=6 action="deny" policyid=29 policytype="policy" poluuid="19218144-facf-51ed-00f0-336ad3d22f0f" policyname="DENY-IP-Threat-to-Webservers" service="HTTPS" trandisp="dnat" tranip=10.100.77.101 tranport=443 duration=0 sentbyte=0 rcvdbyte=0 sentpkt=0 rcvdpkt=0 appcat="unscanned" crscore=30 craction=131072 crlevel="high" srchwvendor="Fortinet" devtype="Router" srcfamily="FortiGate" osname="FortiOS" mastersrcmac="00:09:0f:00:03:01" srcmac="00:09:0f:00:03:01" srcserver=0