Why does the log viewer and the policy test show different firewall ID's for the same URL? [SFOS 17.1.1 MR-1]

Hi Jim,

I verified this at my end and the test was positive. SSH to the XG firewall and execute the following command in Advance Shell, let us know if that works:

conntrack -D -s 10.116.112.78 (IP address of a source system)

This command will flush the conntrack table for the source IP.

Thanks,

I executed the command, but the status has not changed.  Log Viewer fw_rule_id="4   ---   Policy Test IPv4 Bypass (ID: 5)

Log viewer

2018-08-13 19:50:12Web Filtermessageid="16001" log_type="Content Filtering" log_component="HTTP" log_subtype="Allowed" status="" fw_rule_id="4" user="" user_group="" web_policy_id="13" web_policy="" category="Web E-Mail" category_type="Unproductive" url="outlook.office365.com/.../ content_type="application/octet-stream" override_token="" response_code="" src_ip="10.116.112.78" dst_ip="40.97.24.2" protocol="TCP" src_port="51398" dst_port="443" bytes_sent="3170" bytes_received="1075" domain="outlook.office365.com" exception="" activity_name="" reason="not eligible" user_agent="Microsoft Office/15.0 (Windows NT 10.0; Microsoft Outlook 15.0.5049; Pro)" status_code="200" transaction_id="" referer="" download_file_name="" download_file_type="" upload_file_name="" upload_file_type="" con_id="1981418336" app_name="Office 365" app_is_cloud="1"

Policy Test

Hi Jim,

PM me remote support access code, to verify the settings, be assured that we will not make any changes to the appliance.

Thanks,

Hi Jim,

PM me remote support access code, to verify the settings, be assured that we will not make any changes to the appliance.

Thanks,

What does "PM" mean?

I am in New York City (UTC - 4).  During week days I am available from 19:30 - 21:00 local time.

I mean to send me a Private Message me. To get support in the American hours, I will handover this thread to one of my available engineer available in that time zone. 

Thanks,