MG1
New Member
June 6, 2022
Solved

Vlan routing


Hi all,

As per the diagram, the three sites are configured with BGP and all is working properly.

All the networks are received through BGP from both FGTs and from Cisco R1.

Now the problem is when I configure a Vlan in the FGT.

As per the diagram, Vlans configured through the Cisco router as L3 device are working properly, but for the Vlan I configured on the SITE-C FGT (Vlan 50), the network is published through BGP to all the sites, but PC4 is only able to ping its GW but not any site.

I don't understand if it is a bug or something not configured properly. Wireshark only gives "no response found" for the ping request.

PC4 can't be pinged from any other site either.

Basically, all of the network is working properly; only Vlans configured in the FGT are not working.

Thanks in advance!

diagram.jpg

Best answer by MG1

After struggling for a solution, I removed FGT SITE-C and configured it entirely again, and the issue is solved!

Thanks all for support!

1 reply

Contributor
June 7, 2022

Thank you for the diagram. May I know, is the PC4 gateway on Site-C-SW1 or the Site-C Fortigate? Basically, PC4 needs to reach the Fortigate VLAN50 IP address first. In your case, I'm afraid there is a VLAN misconfiguration on Site-C-SW1.

Here is my idea to check connectivity:
On Site-C-SW1, configure a VLAN50 IP address.
From this SW1, ping the VLAN50 of the Fortigate.
This is to verify connectivity between the switch and the Fortigate.

Then, from PC4, ping Site-C-SW1, then the Site-C Fortigate.
You may find out whether the issue is related to the Fortigate or the switch configuration.

Hope that helps.

MG1 (Author)
New Member
June 7, 2022

Hi Muhammad, thanks for the reply.

The Vlan 50 GW is on the SITE-C FGT and is reachable from PC4.

172.4.1.0/24 is correctly announced through BGP as well.

Regards 

Contributor
June 7, 2022

Hi MG1,
Thank you for your response.
On the Site-C Fortigate, please verify if the routing table is correct. This Fortigate can handle how to send out the traffic; however, it does not have control over how the traffic comes back.

Example:
The Site-C Fortigate has already sent traffic to SiteB-R1. Now the traffic will be handled by this SiteB-R1.
In real life, you can consider that a parcel has been sent to Fedex (SiteB-R1). Now it depends on Fedex how to handle the route.


This KB might be helpful: