Ping within subnet

Forum|Forum|6 years ago
September 24, 2019
2 replies
6810 views

I have a FortiGate 50E with a FortiSwitch 124E-FPOE

I have a client subnet on the switch with my clients, a NAS and a printer

In addition, i have a vlan for VoIP and IPSec VPN

I can ping across all all Subnets, but not within the client subnet. e.g. client to printer

I can ping from outside the client subnet (from Wlan, from IPSec etc) to the NAS and the printer

I can ping from my client subnet to all other subnets

But I can not ping from the client subnet to other systems in the client subnet.

What do i need to change?

Best answer by Seppel

could it be possible you have enabled Access VLAN on your Client VLAN?

yunus56

New Member

Hello

Please check your policies and pbr rules on fortigate. it seems ttaht there is problem is regarding Forti-switch

SeppelAnswer

New Member

could it be possible you have enabled Access VLAN on your Client VLAN?

sirrideAuthor

New Member

I don't really understand:

The Clients are in the same Subnet, so there wont be any routings / policies?

sw2090

SuperUser

that's the way I know it. Client to Client in the same subnet does not even reach the firewall because the client has a route for that subnet as it has an interface in it. It does not matter if this is a vlan interface or a physical one.

Only traffic that leaves the client's subnet will hit the default gw.

So I would point to your (Forti)Switch. Maybe it has somethink linke port isolation or similar that prevents ne port from reaching annother (Except from the uplink to the FGT).

sirrideAuthor

New Member

I've now disabled "access VLAN" and now it works

Many thanks!

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded