GNS3 lab with 2 PCs and 1 Fortigate (as a gateway) The PCs cant ping each other

Forum|Forum|1 year ago
May 23, 2025
2 replies
2215 views

I made a GNS3 lab with 1 Fortigate (as a gateway) and 2 PCs:

Structure:
1. PC1 -> Fortigate (Port1).
2. PC2 -> Fortigate (Port2).

Configurations:

Fortigate:

config system interface
edit "port1"
set mode static
set ip 10.0.0.1 255.255.255.0
set allowaccess ping https ssh
next
end

config system interface
edit "port2"
set mode static
set ip 11.0.0.1 255.255.255.0
set allowaccess ping https ssh
next
end

config firewall policy
edit 1
set name “PC1-to-PC2”
set srcintf "port1"
set dstintf "port2"
set srcaddr "all"
set dstaddr "all"
set action accept
set schedule "always"
set service "ALL"
set nat enable
next

edit 2
set name “PC2-to-PC1”
set srcintf "port2"
set dstintf "port1"
set srcaddr "all"
set dstaddr "all"
set action accept
set schedule "always"
set service "ALL"
set nat enable
next
end

PCs ip: 10.0.0.2/24, 11.0.0.2/24 and the gateway the fortigate.

PCs firewall are disable.

The PCs can ping the fortigate but cant ping each other.

What i am doing wrong?

funkylicious

SuperUser

try disabling NAT and check that you have a default or specific route on each PC with the GW.

"jack of all trades, master of none"

ChristophorosAuthor

New Member

I run the command "set nat disable" but when i run the "show firewall policy" it doenst appears. It is any way to see if my fortigate use NAT?
On my PCs it seams okay the router table correct. They have as 0.0.0.0 the fortigates ip.
Port 1 where the PC1 (with ip 192.168.0.2/24) is connect has the IP:192.168.0.1/24 and Port 2 where the PC2 (with ip 192.168.1.2/24) is connect has the IP: 192.168.1.1/24