How is FQDN resolved in NGFW policy?

We created firewall policies using FQDN, but the access was not allowed. When we tried with an IP, it worked. How do we resolve this issue?

Does our traffic forwarding mechanism have any impact here? Please help!

Traffic forwarding doesn’t. Type of traffic does. For FQDN-based policies, if the traffic is HTTP/HTTPS, then we can get the FQDN from the Host header or SNI. And based on the FQDN configured in the policy, we can evaluate the traffic.
Now, if the traffic is not web-based, say UDP traffic, then we can’t do this match. In this case, we fall back to the resolved IP of the FQDN to allow/block access.