Frustration .. 2nd wan link won' t ping.

Forum|Forum|18 years ago
August 15, 2007
5 replies
6131 views

Okay, So I' ve been through fortinet tech support, who basically told me that my problem is my provider, and of course, my provider is telling me it' s my router. I love being in the middle. The detail of my problem is below Fortigate 60 two wan links. Wan1 is connected to a wireless ISP Wan2 is connected to a cable ISP I have a static address for both connections, and wan1 works fine, but wan2 will not ping it' s default gateway. The link is up, and arp requests are flowing on the line, but no response ever comes from the gateway. The address that shows up for the gateway in the arp list is not the correct one according to the ISP tech support. ANY suggestions on how to troubleshoot this !! ??

gabyrossi

New Member

Hi, http://kc.forticare.com/default.asp?id=376&SID=&Lang=1

A

Anonymous_UserAuthor

Contributor

unfortunately not so simple.. just to clarify, i have no communication AT ALL on wan2. wan2 ip: 24.231.88.146/255.255.255.240 gateway: 24.231.88.145 following ping gets no response: execute ping-options source 24.231.88.146 execute ping 24.231.88.145 100% failure.

rwpatterson

New Member

For what it' s worth, I can ping your gateway from here, but not your Fortigate.

doshbass

New Member

I have no idea how cable works, but is whatever is connected to the cable passing all traffic through. I am assuming the cable company provides some sort of CE equipment. Can you get onto this box and do any kind of IP troubleshooting from there? If this is not the case for whatever reason, connect a bogus device to wan2, address it as the gateway and see if you can ping that. That will a least prove teh FG has no issues.

A

Anonymous_UserAuthor

Contributor

Exact same issue here as well. I can ping the WAN2 interface and the gateway of WAN2. A trace reveals everything going out the correct paths. Externally I can ping the ISP gateway, but not the WAN2 interface (with ping checked on WAN2). I have a static default route for WAN2, but the GUI monitor does display that route. It does display in the CLI. I have a feeling the PING is going to WAN 2, but the response is going out the wrong port. My WAN2 shows a dynamic route for it' s gateway pointing to 0.0.0.0 I am likely calling support today

doshbass

New Member

running the command " diag sniffer packet any ' icmp' 4" will show you what is going in and out of what interface

ismohark

New Member

I use 2 fg60, wan1, wan2 ocn both with ECMP routing. ipsec vpn wan1-wan1, wan2-wan2. Works fine. Similar problem with ping on WAN2. One one of the FG60:s ping works on wan2 and on the other it dont. Similar configs. I noticed that i can ping wan2 on fg60:2 from fg60:1 CLI. But if i change source to anything else than the ip of wan2 it stops working. From internal behind fg60 i cant ping. Everyting else works exept ' pingin' wan2 on fg60:2

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded