FortiGate Troubleshooting - Debug Flow with Examples

Описание к видео FortiGate Troubleshooting - Debug Flow with Examples

Debug flow will help you troubleshoot the logic process the FortiGate takes when forwarding traffic.
We will go over some specifics on reading debug flow:
Traffic direction
Interfaces
Routing
Policy Matching
Trace ID
Session matching
"No matching IPsec selector, drop" message
"Allowed by Policy" message
"reverse path check fail, drop" message
"Denied by forward policy check (policy 0)" message

Debug Flow Command Review:

diag debug flow filter #view the current filter
diag debug flow filter clear #clear the debug flow filter
diag debug flow filter proto 1 #filter for protocol 1
diag debug flow filter addr x.x.x.x
diag debug console timestamp enable #enable timestamp in outputs
diag debug flow trace start x #how many packets to trace/debug
diag debug enable #enable the debug
diag debug disable #disable the debug
diag debug reset #reset all debug parameters (includes debug flow filter clear)



0:00 Overview
0:38 Debug Flow Filter
2:07 Example #1 - working example
4:45 Example #2 - non-working example
6:49 Example #3 - another non-working example

Комментарии

Информация по комментариям в разработке

Похожие видео