Description
This article describes how to check the internet reachability using ping from backup WAN interface.
Solution
Assume the following scenario:
This article describes how to check the internet reachability using ping from backup WAN interface.
Solution
Assume the following scenario:
FortiGate is connected with two ISP connection via port1 and port2.
In FortiGate routing-table, port1 route is made default and port2 as backup route to reach Internet.
To test the Internet access from port2, in FortiGate, if public IP is pinged by setting ping-option source IP as port2 interface IP, this will not work.
In FortiGate routing-table, port1 route is made default and port2 as backup route to reach Internet.
# get router info routing-table static
Routing table for VRF=0
S* 0.0.0.0/0 [10/0] via 10.40.31.254, port1 <----- Active route.
[10/0] via 10.40.63.254, port2, [5/0]
To test the Internet access from port2, in FortiGate, if public IP is pinged by setting ping-option source IP as port2 interface IP, this will not work.
# execute ping-options source 10.40.48.57Since port1 is active route, FortiGate will forward the ping from port2 interface IP to public IP from port1 interface.
# exe ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
^C
--- 8.8.8.8 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss
# dia sniffer packet any "host 8.8.8.8 and icmp" 4In order to test the Internet reachability from port2 ISP, set the source interface for the ping-options.
interfaces=[any]
filters=[host 8.8.8.8 and icmp]
7.111475 port1 out 10.40.48.57 -> 8.8.8.8: icmp: echo request
8.122485 port1 out 10.40.48.57 -> 8.8.8.8: icmp: echo request
9.142524 port1 out 10.40.48.57 -> 8.8.8.8: icmp: echo request
10.162514 port1 out 10.40.48.57 -> 8.8.8.8: icmp: echo request
11.182491 port1 out 10.40.48.57 -> 8.8.8.8: icmp: echo request
# exe ping-options interface port2
# exe ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
64 bytes from 8.8.8.8: icmp_seq=0 ttl=57 time=7.9 ms
64 bytes from 8.8.8.8: icmp_seq=1 ttl=57 time=7.6 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=57 time=7.6 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=57 time=7.6 ms
^C
--- 8.8.8.8 ping statistics ---
4 packets transmitted, 4 packets received, 0% packet loss
round-trip min/avg/max = 7.6/7.6/7.9 ms
# dia sniffer packet any "host 8.8.8.8 and icmp" 4
interfaces=[any]
filters=[host 8.8.8.8 and icmp]
2.680030 port2 out 10.40.48.57 -> 8.8.8.8: icmp: echo request
2.687883 port2 in 8.8.8.8 -> 10.40.48.57: icmp: echo reply
3.682608 port2 out 10.40.48.57 -> 8.8.8.8: icmp: echo request
3.690104 port2 in 8.8.8.8 -> 10.40.48.57: icmp: echo reply
4.692567 port2 out 10.40.48.57 -> 8.8.8.8: icmp: echo request
4.700130 port2 in 8.8.8.8 -> 10.40.48.57: icmp: echo reply
5.702577 port2 out 10.40.48.57 -> 8.8.8.8: icmp: echo request
5.710105 port2 in 8.8.8.8 -> 10.40.48.57: icmp: echo reply
