debug

FortiGate – debug flow

You can use the diagnose debug flow commands to do a policy simulation. An example of the output:

fw01 (root) # diagnose debug enable

fw01 (root) # diagnose debug flow show console enable
show trace messages on console

fw01 (root) # diagnose debug flow filter addr 10.10.1.25

fw01 (root) # diagnose debug flow trace start 5

You can stop the trace with the following commands:

fw01 (root) # diagnose debug flow trace stop

fw01 (root) # diagnose debug flow show console disable
do not show trace messages on console

fw01 (root) # diagnose debug disable

SecurEnvoy: debug logging

To get more logging from SecurEnvoy SecurAccess on a Windows server you have to add the following line to the file local.ini.

Debug_admin=True

A log file will be created with detailed logging. The log file is created under C:\Debug\admin.txt.