Troubleshooting Tip: Error 'Gateway IP is in the range of firewall vip's extip, please choose another ip! Node_check_object fail! for gateway x.x.x.x Value parse error before 'x.x.x.x''

pachavez · ‎02-05-2024

Description

This article provides a guide that describes how to resolve internet connection issues when error shows:

'Gateway IP is in the range of firewall vip's extip, please choose another ip! Node_check_object fail! for gateway x.x.x.x

Value parse error before 'x.x.x.x'

Scope

FortiGate v7.4.2.

Solution

If there is an internet connection issue and got the error:

'A duplicate entry already exists.

Gateway IP is in the range of firewall vip's extip, please choose another ip! Node_check_object fail! for gateway 192.168.1.1

Value parse error before '192.168.1.1'.

Scenario:

In this example, wan interface of FortiGate and ISP is on DHCP. ISP gateway is 192.168.1.1.

The default route via the wan interface does not show active on the routing table. The Mac address of the ISP router does not show on the firewall's ARP table.

To resolve the issue, check if there is an existing VIP object that is using the same IP as the gateway of the ISP:

sh firewall vip | grep -f 192.168.1.1

Solution:

Change the external IP of VIP or delete the VIP if not being used. Restart the routing table using the command 'exec router restart'.