Fortinet white logo
Fortinet white logo

Verify Access is Controlled by the 1st Floor ISFW Firewall

Verify Access is Controlled by the 1st Floor ISFW Firewall

From the client computer, try accessing FortiAnalyzer (10.100.88.2) on the browser. The page cannot be loaded.

Try to browse to a Job Search website. The page is blocked by FortiGuard web filtering.

Try to browse to a news website. The page is allowed.

From the 1st Floor FortiGate, view the Forward Traffic log from Log & Report, or retrieve the logs from the CLI.

# execute log filter device 0
# execute log filter field srcip 10.100.91.100
# execute log filter field srcthreatfeed g-FSM_Threat_Feed
# execute log filter field utmaction block
# execute log display
827: date=2023-05-25 time=19:50:07 eventtime=1685044207397973276 tz="+0000" logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" srcip=10.100.91.100 srcname="TAMIGERBER" srcport=1962 srcintf="port3" srcintfrole="lan" dstip=162.159.129.67 dstport=443 dstintf="port1" dstintfrole="wan" srcuuid="3fce57a6-fa91-51ed-87dc-0bf9d8ae8bdb" dstuuid="c935b9d6-f94b-51ed-e21f-70dcd8bb79b3" srcthreatfeed="g-FSM_Threat_Feed" srccountry="Reserved" dstcountry="United States" sessionid=955945 proto=6 action="close" policyid=16 policytype="policy" poluuid="8c5f6c5c-fb33-51ed-b1bb-0ffd30cba894" policyname="restrictive-Internet-Access" service="HTTPS" trandisp="noop" duration=3 sentbyte=1051 rcvdbyte=3242 sentpkt=12 rcvdpkt=9 appcat="unscanned" utmaction="block" countweb=1 osname="Windows" srcswversion="8.1" mastersrcmac="02:09:0f:00:09:01" srcmac="02:09:0f:00:09:01" srcserver=0 utmref=65309-3798

# execute log filter reset
# execute log filter device 0
# execute log filter field srcip 10.100.91.100
# exec log filter field dstip 10.100.88.2
# exec log display
1: date=2023-05-25 time=19:48:44 eventtime=1685044125006495125 tz="+0000" logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" srcip=10.100.91.100 srcname="TAMIGERBER" srcport=1926 srcintf="port3" srcintfrole="lan" dstip=10.100.88.2 dstport=443 dstintf="port1" dstintfrole="wan" srcuuid="3fce57a6-fa91-51ed-87dc-0bf9d8ae8bdb" dstuuid="c4a972da-fb31-51ed-fb05-6e32c1f14616" srcthreatfeed="g-FSM_Threat_Feed" srccountry="Reserved" dstcountry="Reserved" sessionid=955622 proto=6 action="deny" policyid=15 policytype="policy" poluuid="16755c78-fb32-51ed-bd1b-29207f60dd4c" policyname="DENY-FabricDevices-Access" service="HTTPS" trandisp="noop" duration=0 sentbyte=0 rcvdbyte=0 sentpkt=0 rcvdpkt=0 appcat="unscanned" crscore=30 craction=131072 crlevel="high" osname="Windows" srcswversion="8.1" mastersrcmac="02:09:0f:00:09:01" srcmac="02:09:0f:00:09:01" srcserver=0

Verify Access is Controlled by the 1st Floor ISFW Firewall

Verify Access is Controlled by the 1st Floor ISFW Firewall

From the client computer, try accessing FortiAnalyzer (10.100.88.2) on the browser. The page cannot be loaded.

Try to browse to a Job Search website. The page is blocked by FortiGuard web filtering.

Try to browse to a news website. The page is allowed.

From the 1st Floor FortiGate, view the Forward Traffic log from Log & Report, or retrieve the logs from the CLI.

# execute log filter device 0
# execute log filter field srcip 10.100.91.100
# execute log filter field srcthreatfeed g-FSM_Threat_Feed
# execute log filter field utmaction block
# execute log display
827: date=2023-05-25 time=19:50:07 eventtime=1685044207397973276 tz="+0000" logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" srcip=10.100.91.100 srcname="TAMIGERBER" srcport=1962 srcintf="port3" srcintfrole="lan" dstip=162.159.129.67 dstport=443 dstintf="port1" dstintfrole="wan" srcuuid="3fce57a6-fa91-51ed-87dc-0bf9d8ae8bdb" dstuuid="c935b9d6-f94b-51ed-e21f-70dcd8bb79b3" srcthreatfeed="g-FSM_Threat_Feed" srccountry="Reserved" dstcountry="United States" sessionid=955945 proto=6 action="close" policyid=16 policytype="policy" poluuid="8c5f6c5c-fb33-51ed-b1bb-0ffd30cba894" policyname="restrictive-Internet-Access" service="HTTPS" trandisp="noop" duration=3 sentbyte=1051 rcvdbyte=3242 sentpkt=12 rcvdpkt=9 appcat="unscanned" utmaction="block" countweb=1 osname="Windows" srcswversion="8.1" mastersrcmac="02:09:0f:00:09:01" srcmac="02:09:0f:00:09:01" srcserver=0 utmref=65309-3798

# execute log filter reset
# execute log filter device 0
# execute log filter field srcip 10.100.91.100
# exec log filter field dstip 10.100.88.2
# exec log display
1: date=2023-05-25 time=19:48:44 eventtime=1685044125006495125 tz="+0000" logid="0000000013" type="traffic" subtype="forward" level="notice" vd="root" srcip=10.100.91.100 srcname="TAMIGERBER" srcport=1926 srcintf="port3" srcintfrole="lan" dstip=10.100.88.2 dstport=443 dstintf="port1" dstintfrole="wan" srcuuid="3fce57a6-fa91-51ed-87dc-0bf9d8ae8bdb" dstuuid="c4a972da-fb31-51ed-fb05-6e32c1f14616" srcthreatfeed="g-FSM_Threat_Feed" srccountry="Reserved" dstcountry="Reserved" sessionid=955622 proto=6 action="deny" policyid=15 policytype="policy" poluuid="16755c78-fb32-51ed-bd1b-29207f60dd4c" policyname="DENY-FabricDevices-Access" service="HTTPS" trandisp="noop" duration=0 sentbyte=0 rcvdbyte=0 sentpkt=0 rcvdpkt=0 appcat="unscanned" crscore=30 craction=131072 crlevel="high" osname="Windows" srcswversion="8.1" mastersrcmac="02:09:0f:00:09:01" srcmac="02:09:0f:00:09:01" srcserver=0