Fortigate Interface Gateway Unable to Ping

Forum|Forum|5 years ago
February 24, 2021
1 reply
15594 views

Hello,

I created a new interface in Firewall. Although ICMP is allowaccess at Interface; clients cannot ping the gateway address.

When I create debug in Firewall; I see it was dropped because it didn't match the rule. Normally there is no need to have a rule for the client to ping the gateway address. Where could the problem be?

id=20085 trace_id=1155 func=print_pkt_detail line=4915 msg="vd-LOCAL received a packet(proto=1, 10.100.17.11:19760->10.100.17.1:2048) from Server-MNG. type=8, code=0, id=19760, seq=486." id=20085 trace_id=1155 func=init_ip_session_common line=5062 msg="allocate a new session-0f73a6b8" id=20085 trace_id=1155 func=fw_local_in_handler line=392 msg="iprope_in_check() check failed on policy 0, drop"

194308.png

5.4

Best answer by marchand

Check if it is not the case 2

https://kb.fortinet.com/k....do?externalId=FD31702

emnoc

New Member

Is "10.100.17.1" the FortiGate address? I can't see your picture fwiw

Ken Felix

cetiaAuthor

New Member

Yes, 10.100.17.1 is Fortigate interface ip

edit "Server-MNG" set vdom "LOCAL". set ip 10.100.17.1 255.255.255.0 set allowaccess ping https ssh set snmp-index 168 end set interface "port10" set vlanid 117

Thank you,

marchandAnswer

New Member

Check if it is not the case 2

https://kb.fortinet.com/k....do?externalId=FD31702

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded