Phase: 1 Type: INPUT-ROUTE-LOOKUP Subtype: Resolve Egress Interface Result: ALLOW Config: Additional Information: Found next-hop 186.4.134.139 using egress ifc outside(vrfid:0) Phase: 2 Type: UN-NAT Subtype: static Result: ALLOW Config: nat (inside,outside) source static |s2sAclSrcNwgV4|b30540b0-433b-11ec-8442-29e260b108fa |s2sAclSrcNwgV4|b30540b0-433b-11ec-8442-29e260b108fa destination static |s2sAclDestNwgV4|b30540b0-433b-11ec-8442-29e260b108fa |s2sAclDestNwgV4|b30540b0-433b-11ec-8442-29e260b108fa no-proxy-arp route-lookup Additional Information: NAT divert to egress interface outside(vrfid:0) Untranslate 192.168.50.1/0 to 192.168.50.1/0 Phase: 3 Type: ACCESS-LIST Subtype: log Result: ALLOW Config: access-group NGFW_ONBOX_ACL global access-list NGFW_ONBOX_ACL advanced permit object-group |acSvcg-268435462 ifc inside any ifc outside any rule-id 268435462 event-log both access-list NGFW_ONBOX_ACL remark rule-id 268435462: ACCESS POLICY: NGFW_Access_Policy access-list NGFW_ONBOX_ACL remark rule-id 268435462: L7 RULE: Block_web_site object-group service |acSvcg-268435462 service-object ip Additional Information: This packet will be sent to snort for additional processing where a verdict will be reached Phase: 4 Type: NAT Subtype: Result: ALLOW Config: nat (inside,outside) source static |s2sAclSrcNwgV4|b30540b0-433b-11ec-8442-29e260b108fa |s2sAclSrcNwgV4|b30540b0-433b-11ec-8442-29e260b108fa destination static |s2sAclDestNwgV4|b30540b0-433b-11ec-8442-29e260b108fa |s2sAclDestNwgV4|b30540b0-433b-11ec-8442-29e260b108fa no-proxy-arp route-lookup Additional Information: Static translate 192.168.200.50/0 to 192.168.200.50/0 Phase: 5 Type: NAT Subtype: per-session Result: ALLOW Config: Additional Information: Phase: 6 Type: IP-OPTIONS Subtype: Result: ALLOW Config: Additional Information: Phase: 7 Type: INSPECT Subtype: np-inspect Result: ALLOW Config: class-map inspection_default match default-inspection-traffic policy-map global_policy class inspection_default inspect icmp service-policy global_policy global Additional Information: Phase: 8 Type: INSPECT Subtype: np-inspect Result: ALLOW Config: Additional Information: Phase: 9 Type: VPN Subtype: encrypt Result: ALLOW Config: Additional Information: Phase: 10 Type: NAT Subtype: rpf-check Result: ALLOW Config: nat (inside,outside) source static |s2sAclSrcNwgV4|b30540b0-433b-11ec-8442-29e260b108fa |s2sAclSrcNwgV4|b30540b0-433b-11ec-8442-29e260b108fa destination static |s2sAclDestNwgV4|b30540b0-433b-11ec-8442-29e260b108fa |s2sAclDestNwgV4|b30540b0-433b-11ec-8442-29e260b108fa no-proxy-arp route-lookup Additional Information: Phase: 11 Type: VPN Subtype: ipsec-tunnel-flow Result: ALLOW Config: Additional Information: Phase: 12 Type: NAT Subtype: per-session Result: ALLOW Config: Additional Information: Phase: 13 Type: IP-OPTIONS Subtype: Result: ALLOW Config: Additional Information: Phase: 14 Type: FLOW-CREATION Subtype: Result: ALLOW Config: Additional Information: New flow created with id 28564, packet dispatched to next module Phase: 15 Type: EXTERNAL-INSPECT Subtype: Result: ALLOW Config: Additional Information: Application: 'SNORT Inspect' Phase: 16 Type: SNORT Subtype: Result: ALLOW Config: Additional Information: Snort Trace: Packet: ICMP Session: new snort session Firewall: starting AC rule matching, zone 1 -> 2, geo 0 -> 0, vlan 0, sgt 0, src sgt type 0, dest_sgt_tag 0, dest sgt type 0, user 9999997, icmpType 8, icmpCode 0 Firewall: allow rule, id 268435457, allow Snort id 0, NAP id 2, IPS id 0, Verdict PASS Snort Verdict: (pass-packet) allow this packet Result: input-interface: inside(vrfid:0) input-status: up input-line-status: up output-interface: outside(vrfid:0) output-status: up output-line-status: up Action: allow