https://community.cisco.com/t5/network-security/fmc-not-seeing-http-https-traffic/m-p/4841106#M1100749 <P>I think the intrusion prevention policy dropped the packet before it hit the access control policy rule. Thank you all</P> Tue, 23 May 2023 19:11:13 GMT Knassi 2023-05-23T19:11:13Z https://community.cisco.com/t5/network-security/fmc-not-seeing-http-https-traffic/m-p/4841003#M1100734 <P>So i am trying to find out why i am unable to get on a website. I do not see any blocks in the FMC, i don't even see any traffic related to that IP. But when i try to ping it, i see the ICMP traffic in the FMC. Has anyone seen this kind of problem?</P> Tue, 23 May 2023 16:59:14 GMT https://community.cisco.com/t5/network-security/fmc-not-seeing-http-https-traffic/m-p/4841003#M1100734 Knassi 2023-05-23T16:59:14Z https://community.cisco.com/t5/network-security/fmc-not-seeing-http-https-traffic/m-p/4841012#M1100736 <P><a href="https://community.cisco.com/t5/user/viewprofilepage/user-id/1438518">@Knassi</a> are you logging traffic?</P> <P>From the CLI of the FTD run "system support firewall-engine-debug" filter on the source ip and/or destination and generate traffic. The output on the console will confirm traffic is passing through the firewall and tell you which rule traffic is matching.</P> Tue, 23 May 2023 17:03:59 GMT https://community.cisco.com/t5/network-security/fmc-not-seeing-http-https-traffic/m-p/4841012#M1100736 Rob Ingram 2023-05-23T17:03:59Z https://community.cisco.com/t5/network-security/fmc-not-seeing-http-https-traffic/m-p/4841093#M1100742 <P>So i have been able to pull some traffic and there is only one rule match, the very last one that actually allows any any. How can an "allow any any "rule be blocking traffic?</P> Tue, 23 May 2023 19:00:06 GMT https://community.cisco.com/t5/network-security/fmc-not-seeing-http-https-traffic/m-p/4841093#M1100742 Knassi 2023-05-23T19:00:06Z https://community.cisco.com/t5/network-security/fmc-not-seeing-http-https-traffic/m-p/4841106#M1100749 <P>I think the intrusion prevention policy dropped the packet before it hit the access control policy rule. Thank you all</P> Tue, 23 May 2023 19:11:13 GMT https://community.cisco.com/t5/network-security/fmc-not-seeing-http-https-traffic/m-p/4841106#M1100749 Knassi 2023-05-23T19:11:13Z https://community.cisco.com/t5/network-security/fmc-not-seeing-http-https-traffic/m-p/4841111#M1100751 <P>I follow your Q, if am right you run the below&nbsp;<BR />you make management connect to INside then to FMC ?&nbsp;<BR />this not recommend from Cisco&nbsp;<BR />that why your management traffic hit the ACP of FTD&nbsp;</P> <P><span class="lia-inline-image-display-wrapper lia-image-align-inline" image-alt="Screenshot (468).png" style="width: 999px;"><img src="https://community.cisco.com/t5/image/serverpage/image-id/185377i8D353E7988B40BAF/image-size/large?v=v2&amp;px=999" role="button" title="Screenshot (468).png" alt="Screenshot (468).png" /></span></P> Tue, 23 May 2023 19:17:33 GMT https://community.cisco.com/t5/network-security/fmc-not-seeing-http-https-traffic/m-p/4841111#M1100751 MHM Cisco World 2023-05-23T19:17:33Z