Hello everyone,
Now I’d like to share with you the mean of “---” in the session table details.
“---” indicates that the packet corresponding to a session is in the policy pending state or the security policy check is not required.
In policy pending state, the FW is performing application identification or URL category query on packets based on the application or URL category matching condition. However, the matched security policy cannot be determined. After application identification or URL category query is complete, if the packet is permitted by the security policy, and the session is updated, this field displays the name of the matched security policy.
Scenario where security policy check is not required: For example, if access management is enabled on an interface, packets destined for the device will skip security policy check. If packets match an authentication policy with the authentication action being Portal authentication, the user sends an HTTP/HTTPS request to the web server, and the first SYN packet is not controlled by the security policy.
For more details, please refer to HUAWEI USG6000, USG9500, and NGFW Module Product Documentation .
This is what I want to share with you today, thank you!
