
Verify that access to the FortiGates is blocked by the local-in policy

From the client computer, try to access the 1st Floor FortiGate (10.100.88.101) in a browser. The page does not load.

On the FortiGate, sniff for packets from the client (10.100.91.100):

# diag sniffer packet any 'host 10.100.91.100 and port 443' 4 0 l
Using Original Sniffing Mode
interfaces=[any]
filters=[host 10.100.91.100 and port 443]
2023-05-25 22:24:57.463149 port3 in 10.100.91.100.5013 -> 10.100.88.101.443: syn 1024673119 
2023-05-25 22:24:57.714817 port3 in 10.100.91.100.5014 -> 10.100.88.101.443: syn 674054329 
2023-05-25 22:25:00.464681 port3 in 10.100.91.100.5013 -> 10.100.88.101.443: syn 1024673119 
2023-05-25 22:25:00.718445 port3 in 10.100.91.100.5014 -> 10.100.88.101.443: syn 674054329

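The sniffer shows only inbound SYN packets from the client, each repeated with the same sequence number about three seconds later, and no reply from the FortiGate. To confirm that the local-in policy is what drops them, view the Local Traffic log from Log & Report, or retrieve the logs from the CLI.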

# exec log filter category 0
# exec log filter field srcip 10.100.91.100
# exec log filter field subtype local
# exec log display
1: date=2023-05-25 time=22:37:09 eventtime=1685054229545948615 tz="+0000" logid="0001000014" type="traffic" subtype="local" level="notice" vd="root" srcip=10.100.91.100 srcname="TAMIGERBER" srcport=5248 srcintf="port3" srcintfrole="lan" dstip=10.100.88.101 dstport=443 dstintf="root" dstintfrole="undefined" srcuuid="3fce57a6-fa91-51ed-87dc-0bf9d8ae8bdb" dstuuid="c935b9d6-f94b-51ed-e21f-70dcd8bb79b3" srcthreatfeed="g-FSM_Threat_Feed" srccountry="Reserved" dstcountry="Reserved" sessionid=1006928 proto=6 action="deny" policyid=1 policytype="local-in-policy" poluuid="8411e586-fb4a-51ed-28e4-27b1e150b98a" service="HTTPS" trandisp="noop" app="Web Management(HTTPS)" duration=0 sentbyte=0 rcvdbyte=0 sentpkt=0 rcvdpkt=0 appcat="unscanned" crscore=5 craction=262144 crlevel="low" osname="Windows" srcswversion="8.1" mastersrcmac="02:09:0f:00:09:01" srcmac="02:09:0f:00:09:01" srcserver=0
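
The two checks above can be scripted when the same verification is repeated for several FortiGates. The following is an added example, not Fortinet code: it parses saved sniffer output and local traffic log lines and reports whether the client's SYNs went unanswered and a local-in-policy deny was logged. The function names are hypothetical, and the sample input is the page's sniffer output plus a trimmed copy of its log entry.

```python
import re
from collections import Counter

KV = re.compile(r'(\w+)=("[^"]*"|\S+)')          # FortiOS log key=value pairs
PKT = re.compile(r'(\S+) (in|out) ([\d.]+)\.(\d+) -> ([\d.]+)\.(\d+): (\w+) ?(\d+)?')

def parse_log(line):
    """Turn one FortiOS log line into a dict, stripping quotes from values."""
    return {k: v.strip('"') for k, v in KV.findall(line)}

def local_in_denies(log_lines, client, target):
    """Local traffic entries where client -> target was denied by a local-in policy."""
    return [r for r in map(parse_log, log_lines)
            if r.get("srcip") == client and r.get("dstip") == target
            and r.get("subtype") == "local" and r.get("action") == "deny"
            and r.get("policytype") == "local-in-policy"]

def sniffer_summary(sniffer_lines, client, target):
    """Count client SYNs, their retransmissions, and any packet sent back by target."""
    syns, replies = Counter(), 0
    for m in filter(None, map(PKT.search, sniffer_lines)):
        _intf, _dir, src, sport, dst, _dport, flag, seq = m.groups()
        if src == client and dst == target and flag == "syn":
            syns[(sport, seq)] += 1          # same port + sequence = retransmission
        elif src == target and dst == client:
            replies += 1
    return {"syns": sum(syns.values()),
            "retransmits": sum(n - 1 for n in syns.values()),
            "replies": replies}

def access_blocked(sniffer_lines, log_lines, client, target):
    """True when SYNs arrive unanswered and a local-in deny is logged."""
    s = sniffer_summary(sniffer_lines, client, target)
    return s["syns"] > 0 and s["replies"] == 0 and bool(local_in_denies(log_lines, client, target))

# Sample input: the page's sniffer lines and a trimmed copy of its log entry.
SNIFFER = """\
2023-05-25 22:24:57.463149 port3 in 10.100.91.100.5013 -> 10.100.88.101.443: syn 1024673119
2023-05-25 22:24:57.714817 port3 in 10.100.91.100.5014 -> 10.100.88.101.443: syn 674054329
2023-05-25 22:25:00.464681 port3 in 10.100.91.100.5013 -> 10.100.88.101.443: syn 1024673119
2023-05-25 22:25:00.718445 port3 in 10.100.91.100.5014 -> 10.100.88.101.443: syn 674054329
""".splitlines()
LOG = ['1: date=2023-05-25 time=22:37:09 subtype="local" srcip=10.100.91.100 dstip=10.100.88.101 '
       'dstport=443 action="deny" policyid=1 policytype="local-in-policy" app="Web Management(HTTPS)"']

if __name__ == "__main__":
    print(sniffer_summary(SNIFFER, "10.100.91.100", "10.100.88.101"))
    print(access_blocked(SNIFFER, LOG, "10.100.91.100", "10.100.88.101"))
```

A reply packet from the FortiGate in the capture, or a log entry whose action or policytype differs, makes `access_blocked` return False, which is the signal to recheck the local-in policy.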
