Troubleshooting dropped traffic

David,

go to System > Diagnostics > Log Viewer and choose web filter to see what rule is applied and why is getting blocked.

Problem with that is it doesn't expose all dropped traffic through the log viewer so its kind of useless in this scenario.

Next version has a colour coded, pop out log viewer apparently so are holding out for that. 

Troubleshooting XG now is not very easy.

I am looking forward to seeing new version too. The other way to find blocked traffic is using console and type the command: drop-packet-capture "host ip" with quota.

I'm confident they will address all the issues, Ive found that searching the CyberRoam KB is useful too as it seems to resemble that OS more than the SG.

To their credit support has been helpful in addressing bugs Ive found.

Also helpful is "system diagnostics utilities bandwidth-monitor" to show interface throughput in realtime and
"conntrack -L | grep -o 'src=.*' | awk -F " " '{print $1}' | sort -n | uniq -c | sort -n"  to show sorted connection count per IP.

We need something like the bandwidth monitor tool but per IP not interface.

I'm confident they will address all the issues, Ive found that searching the CyberRoam KB is useful too as it seems to resemble that OS more than the SG.

To their credit support has been helpful in addressing bugs Ive found.

Also helpful is "system diagnostics utilities bandwidth-monitor" to show interface throughput in realtime and
"conntrack -L | grep -o 'src=.*' | awk -F " " '{print $1}' | sort -n | uniq -c | sort -n"  to show sorted connection count per IP.

We need something like the bandwidth monitor tool but per IP not interface.

I am sure they will improve those aspects and bring back Flow Monitor and other nice stuff. You can use Live Connection under System > Current Activity but it is not enough and refresh is manual.

We need to wait!

[:)]