Interface ping logs are not showing in traffic log

L1 Bithead


Hi All,

 

Firewall interface configured with management profile where ICMP is enabled and I can ping the firewall IP. But we can't see any logs for ICMP in the firewall.

How can we get this?

Community Team Member

Re: Interface ping logs are not showing in traffic log

Hi @gpsriram,

 

As far as I know ICMP is not an option in the interface management profile. 

Ping is the selectable option, as shown in the screenshot:

 

ping_profile.jpg

 

 

Look for the 'ping' application in your traffic log instead of the icmp application. Also make sure that the security rule which is being hit is actually being logged:

 

traffic_log.jpg

 

 

I hope this helps.

 

Cheers!

-Kiwi.

 
L6 Presenter

Re: Interface ping logs are not showing in traffic log

Yes, it displays as ping, but only if you have a security policy that it matches with log enabled.

You can only see it in @kiwi's screenshot as it's hitting the rule "vdraad".

If you are just relying on the management profile then it seems not to show in the traffic log.

Re: Interface ping logs are not showing in traffic log

Most probably because you don't have a specific rule allowing this traffic, but are rather relying on the default intra-zone rule, which doesn't log any traffic.

Even though you have an interface management profile, you still need a rule in the policy to allow that traffic. It is a common mistake to overlook this, as in most cases the default intra-zone rule is already allowing this traffic. But the default setting for the intra-zone rule is to NOT log the traffic.

 

There are two ways to solve this:

- Create a specific rule (same source and destination zone) for this traffic and enable the log option on this rule

- Override the default intra-zone rule and enable logging.

Note that the second option will log any other intra-zone traffic, so depending on your environment it might generate lots and lots of unnecessary logs.

L6 Presenter

Re: Interface ping logs are not showing in traffic log

Good point Mr Astardzhiev.
