WAN1 Active, WAN2 won' t respond to pings

Forum|Forum|19 years ago
April 17, 2007
6 replies
4539 views

Hi there We have just installed a FG100a WAN1 configured for PPOE - gets its IP etc from the ISP - works fine. WAN2 configured with a Static IP adress (real world internet address via second ISP) WAN1 will respond to pings, https for admin etc. WAN2 will not respond to pings https etc, the interface is up, the IP address is a valid working IP (checked with another device) We have changed the firmare to different versions a few times just in case it was a bug or something. - Currently running - Fortigate-100A 3.00,build0479,070309 We need to have the 2 ports active (using 1 for internet access, second for VOIP) Any help please ? Thanks J

Fireshield

New Member

Your issue is most likely routing. You need to have both routes on the same metric and then set a priority on the routes. This gets a bit trickier with dynamic addressing, since the priority is actually set on the port, not the route. I' m late and have to run, but search the forum as I have posted the CLI commands many, many times for this configuration.

abelio

SuperUser

WAN1 configured for PPOE - gets its IP etc from the ISP - works fine. WAN2 configured with a Static IP adress (real world internet address via second ISP) WAN1 will respond to pings, https for admin etc. WAN2 will not respond to pings https etc, the interface is up, the IP address is a valid working IP (checked with another device)

ok; that' s supposed to be. Probably your PPPoE wan1 iface has lower distance to its gateway (tipically 1) than your static wan iface (default to 10); you' re here near to a failover scenario. Look at Router->Monitor to get a picture.

We need to have the 2 ports active (using 1 for internet access, second for VOIP)

ok, you' ll need to have the 2 wans configured with the same distance paramater to its gateways; after that, you' ll have to work by defining policy routes and appropiate firewall policies to met your traffic needs.

ggnttAuthor

New Member

Hi Guys Thanks for the reply. I can change the distance on WAN1 (PPOE) allows you to do this. I cannot change the distance on WAN2 When I type show at the CLI prompt you can see WAN1 Distance is 10, no entry for WAN2 Thanks J

Fireshield

New Member

You need to manually create the route for wan2. Then, as long as the connection is active, you should see both routes.

eewai

New Member

g' day, i' ve a fgt100a too.. now i' ve both port at the same distance... my problem now is, i am unable to configure fgt100a as the clients' pc DNS server.. it wont work.. i need to configure my isp' s dns in clients pc...

rwpatterson

New Member

The Fortigate is not a DNS server, so that won' t work, no matter how many ports you have active.

eewai

New Member

but previously i did able to configure fgt100 ip as my dns server... hmm...

UkWizard

New Member

it wont be a DNS server, but you can enable dns forwarding on interfaces, so you can tick that the internal interface will forward requests to the DNS servers as specified in fortinet dns setup. so it would appear as being a dns server.

Sign up

Login with SSO

Login to the community

Login with SSO

Scanning file for viruses.

This file cannot be downloaded