Hi, When you define connectivity verifiers, you don't need to create access rules for them. Also, when you look at the logging that traffic is logged with an empty rule field. Hmm... It would have been much better if the rule value was set to 'Connectivity Verifier' so that that traffic is clearly indentified ;-) I've seen other traffic logged with also an empty rule field but can't remember exactly what type of traffic (I think it was denied traffic). Does somebody have a list of conditions for which an empty rule field is logged? Thanks, Stefaan