Description | This article describes why users may find implicit SD-WAN rule IDs not missing due to changes made to the session list output. |
Scope | FortiOS 7.0.4+. |
Solution |
If traffic hits an implicit SD-WAN Rule, it means the session was handled using standard FIB routing.
FortiOS 7.0.3.
session info: proto=1 proto_state=00 duration=60 expire=3 timeout=0 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3
FortiOS 7.0.4. session info: proto=1 proto_state=00 duration=51 expire=57 timeout=0 flags=00000000 socktype=0 sockport=0 av_idx=0 use=3 origin-shaper= reply-shaper= per_ip_shaper= class_id=0 ha_id=0 policy_dir=0 tunnel=/ vlan_cos=0/255 state=log may_dirty f00 statistic(bytes/packets/allow_err): org=360/6/1 reply=360/6/1 tuples=2 tx speed(Bps/kbps): 34/0 rx speed(Bps/kbps): 34/0 orgin->sink: org pre->post, reply pre->post dev=5->3/3->5 gwy=10.47.15.254/192.168.10.5 hook=post dir=org act=snat 192.168.10.5:1->8.8.8.8:8(10.47.1.80:60417) hook=pre dir=reply act=dnat 8.8.8.8:60417->10.47.1.80:0(192.168.10.5:1) misc=0 policy_id=1 pol_uuid_idx=14727 auth_info=0 chk_client_info=0 vd=0 serial=000001f0 tos=ff/ff app_list=0 app=0 url_cat=0 >>>> No sdwan_service_id rpdb_link_id=80000000 ngfwid=n/a npu_state=00000000 total session 1 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.