Skip to main content
A
Anonymous_User
Contributor
October 27, 2010
Question

No internet connection with 80C although I can ping websites

  • October 27, 2010
  • 6 replies
  • 4731 views
Hello , I' ve just purchased Fortigate 80c & I configure it but I can' t browsing the internet " - We have Real IP - the ADSL Router IP is configured as " 1.2.3.1" - Fortigate WAN1 IP is configured as " 1.2.3.2" - Fortigate internal IP is configured as 192.168.0.1 - Client PC connect directly internal port 1 , IP “ 192.168.0.2” - Static Route desp IP/Mask = 0.0.0.0/0.0.0.0 device = Wan1 gateway= 1.2.3.1 -DNS , I defined My ISP DNS as Primary & secondary I tried to ping “1.2.3.1” & www.google.com using CLI console from system status & its replied I created Policy (internal-wan1) Allow – all –all-accept What is wrong in my setting ???? can anybody help please

    6 replies

    Carl_Wallmark
    Carl_Wallmark
    New Member
    October 27, 2010
    Hi, Did you also enable NAT in your firewall policy ?
    A
    Anonymous_UserAuthor
    Contributor
    October 27, 2010
    yes I enable the NAT in firewall policy
    ede_pfau
    SuperUser
    ede_pfau
    SuperUser
    October 27, 2010
    the route back from WAN to your LAN is missing. Create a route desp IP/Mask = 192.168.0.0/255.255.255.0 device = LAN gateway= 1.2.3.2 on your router (!).
    A
    Anonymous_UserAuthor
    Contributor
    October 27, 2010
    the problem is solved by make the DNS of my compuer the ISP DNS , it was the IP of fortigate thanks all
    discoveryit
    discoveryit
    New Member
    October 27, 2010
    you need to set the DNS in the fortigate under network you will see a options tab put your ISP DNS there. . If you are running a Fortigate with 4.2 you will see a box under the internal interface that says Enable DNS Query . set it to recursive. and set your internal dns to your fortigate. If you are using your ISP' s DNS you will not be able to resolve internal address names correctly, or it will take forever. You should always use a internal device for DNS. Also if you fortigate is running DHCP dont for get to change your ip settings there.
    Paul_Dean
    Paul_Dean
    Visitor III
    October 28, 2010
    I had the same issue the other day when moving a client' s FortiGate to their new office and ISP. The DNS on the FortiGate was still pointing to the old ISP whose servers did not respond to requests from outside their network. The result was I could ping out to the internet but no web traffic was allowed out. Turning off the protection profile meant web traffic started to flow through. I guess it was caused by the FG not being able to check if the web sites were allowed or not. Paul
    Terms & ConditionsAccessibility statement