Skip to main content
it-eatwell
it-eatwell
New Member
April 12, 2023
Solved

Cannot ping same network

  • April 12, 2023
  • 1 reply
  • 4505 views

Hello,

Please help,

I can't ping from User A to user B in the same network/segment.

The topology :

User A -> Access P -> FTG - Access P -> User B

User A : 10.10.4.5

User B : 10.10.4.40

AP : 10.10.3.0/24

I have enable PING in Interface menu.

What might be cause the problem ? Please help

 

Thanks

 

 

    Best answer by PedroSouza

    Good Night, it-eatwell

     

    Reffering to your post, are the users connected to the Internal Network 10.10.4.0/24 and the APs are on the 10.10.3.0/24?

     

    Try creating the follow Policy

     

    Incoming: 10.10.4.0/24

    Outcoming: 10.10.3.0/24

    Source: All

    Destination: All

    Service: Ping.

     

    And create a Reverse Policy too.

     

    Incoming: 10.10.3.0/24

    Outcoming: 10.10.4.0/24

    Source: All

    Destination: All

    Service: Ping.

     

     

     

     

     

    1 reply

    kvimaladevi
    Staff
    kvimaladevi
    Staff
    April 12, 2023

    Hi it-eatwell,

    I understand that you are unable to access the clients connected to the same subnets but different APs. 

    Please confirm how the APs are connected to the network. If there is a switch in-between, then we might have to check if the traffic is blocked anywhere in the path.

    You might also consider checking if you have enabled 'Block intra-SSID traffic' in tunnel mode which might block communication between the clients connected to the same SSID irrespective of the APs.

    https://community.fortinet.com/t5/FortiAP/Techincal-Tip-How-Block-intra-SSID-traffic-option-on-ssid/ta-p/223809

    Regards,

    Vimala

    it-eatwell
    it-eatwellAuthor
    New Member
    April 12, 2023

    Hi Vimala,

    Thanks for the reply.

    The topology :

    User A -> Access P -> FTG - Access P -> User B

    So APs are directly connected to Forti F300E,10.10.1.1, there are no switches in between.

    I'm using Ruijie AP.

    Thanks.

     

    Regards,

    eatwell

    PedroSouza
    PedroSouzaAnswer
    New Member
    April 13, 2023

    Good Night, it-eatwell

     

    Reffering to your post, are the users connected to the Internal Network 10.10.4.0/24 and the APs are on the 10.10.3.0/24?

     

    Try creating the follow Policy

     

    Incoming: 10.10.4.0/24

    Outcoming: 10.10.3.0/24

    Source: All

    Destination: All

    Service: Ping.

     

    And create a Reverse Policy too.

     

    Incoming: 10.10.3.0/24

    Outcoming: 10.10.4.0/24

    Source: All

    Destination: All

    Service: Ping.

     

     

     

     

     

    Terms & ConditionsAccessibility statement