Skip to main content

Cato Networks Knowledge Base

How to Check if Traffic is Blocked by the WAN Firewall

  • Updated

Question

There are connectivity issues for the WAN traffic in my account, for example there are issues connecting to other sites or remote resources in my organization. How can I check that the WAN firewall isn’t blocking the WAN traffic?

Answer

These are the recommended steps to troubleshoot and see if the WAN firewall is blocking traffic and is related to the connectivity issues.

Step 1 - Review WAN firewall block events

  1. Review the block events in Analytics > Event Discovery and for the WAN firewall:
    1. Select the WAN firewall preset.
    2. In the action field select Block.
  2. If you find a block event that is possibly related to the connectivity issue, create a firewall rule above the block rule that allows the traffic.
  3. If the connectivity problem persists, continue to step 2.

Step 2 - Review the WAN firewall policy

If you know the specific network details of the relevant traffic, such as source, destination, or protocol, check if the traffic matches a WAN firewall rule. It might be necessary to fine tune the rule and make sure that the firewall allows the specific application (or other network detail).

Step 3 - Check if the traffic is blocked by the implicit block rule

The final rule of the WAN firewall is an implicit block rule, and blocks all traffic that doesn't match one of the firewall rules. This implicit rule doesn't generate events when it blocks traffic.

Add a new rule ANY ANY block at the bottom of the WAN firewall rule and enable tracking for the rule to help identify the source of the blocked traffic. This rule is the same functionality as the implicit rule, but generates block events. Generate traffic and then review the block events.

Was this article helpful?

0 out of 1 found this helpful

Comments

0 comments

Please sign in to leave a comment.