Fortinet 5.0 Patch 6 Log messages

Fortinet 631 FortiWeb 5.0 Patch 6 Administration Guide

For example, you might use ping to determine that 172.16.1.10 is reachable:

execute ping 172.16.1.10

PING 172.16.1.10 (172.16.1.10): 56 data bytes

64 bytes from 172.16.1.10: icmp_seq=0 ttl=64 time=2.4 ms

64 bytes from 172.16.1.10: icmp_seq=1 ttl=64 time=1.4 ms

64 bytes from 172.16.1.10: icmp_seq=2 ttl=64 time=1.4 ms

64 bytes from 172.16.1.10: icmp_seq=3 ttl=64 time=0.8 ms

64 bytes from 172.16.1.10: icmp_seq=4 ttl=64 time=1.4 ms

--- 172.20.120.167 ping statistics ---

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max = 0.8/1.4/2.4 ms

or that 192.168.1.10 is not reachable:

execute ping 192.168.1.10

PING 192.168.1.10 (192.168.1.10): 56 data bytes

Timeout ...

--- 192.168.1.10 ping statistics ---

5 packets transmitted, 0 packets received, 100% packet loss

If the host is not reachable, you can use traceroute to determine the router hop or host at

which the connection fails:

execute traceroute 192.168.1.10

traceroute to 192.168.1.10 (192.168.1.10), 32 hops max, 72 byte

packets

1 192.168.1.2 2 ms 0 ms 1 ms

2 * * *

For more information on CLI commands, see the FortiWeb CLI Reference. For more information

on troubleshooting connectivity, see “Connectivity issues” on page 641.

Log messages

Log messages often contain clues that can aid you in determining the cause of a problem.

FortiWeb appliances can record log messages when errors occur that cause failures, upon

significant changes, and upon processing events.

Depending on the type, log messages may appear in either the event, attack, or traffic logs. The

FortiWeb appliance must be enabled to record event, attack, and traffic log messages;

otherwise, you cannot analyze the log messages for events of that type. To enable logging of

different types of events, select Log&Report > Log Config > Other Log Settings.

Both ping and traceroute require that network nodes respond to ICMP. If you have disabled

responses to ICMP on your network, hosts may appear to be unreachable to ping and

traceroute, even if connections using other protocols can succeed.