Issue to send security policy forwarding log by email


L1 Bithead

Hello everyone,

I have created a security policy that logs only IPv6 traffic, and I added a log forwarding profile to ensure I receive an email whenever the policy is triggered.

 

However, the issue is that when I send IPv6 packets, I don’t receive any emails.

 

My email server profile is working fine. When I test the connection, I receive the test email. Additionally, my security policy appears to be functioning correctly; when I send packets, they match the correct policy with the log forwarding option enabled.

Thanks for the help.


Community Team Member

Hi @a.blanchard ,

 

Log forwarding and security policy logging look fine. Can you confirm logs are being generated for the security policy in question? You can navigate to your security policy and click the drop-down for Log Viewer. Once verified, I would try dumbing down the logic a bit. In your log forwarding policy, can you select only traffic logs? In the log setting security policy, can you uncheck log at session start and just have log at session end enabled?

 

Any luck if you try that out? 

LIVEcommunity team member
Stay Secure,
Jay

Hello @jay,

 

First of all, thanks for your reply.

 

You can check the attachment to see the logging that I get. (I use Kali Linux for testing, with atk-alive6 to generate logs.)

I've made the changes you told me about and sent a few ICMPv6 requests, but unfortunately I'm still not receiving any mail.

Maybe it's because of the way I do my tests?

If you have any other suggestions let me know 🙂 

Cyber Elite (accepted solution)

@a.blanchard,

Do you have insight into whatever mail server you're attempting to route the notifications through? Traffic alerts like this can often be blocked by your email security solution (especially IPv6 traffic alerts) rather easily. If your MGMT interface (or whatever you have configured as a service route for SMTP) routes through the firewall, you can potentially use that as an indicator of whether or not the firewall is attempting to send the alerts.

Hi @BPry,

Thank you for your message and your suggestions.

 

I have already reviewed the mail server being used for routing the notifications. I have whitelisted the email address utilized by the firewall, and I am successfully receiving test emails without any issues.

 

That's really weird...

Community Team Member

Great stuff @BPry !! 🎉

LIVEcommunity team member
Stay Secure,
Jay