Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

FortiGate 100E Ping Response - Expected Result?

Hey all,


This could be a general question on FortiGate products, not sure yet.


I have a FortiGate 100E on 6.0.5. Configuring and testing a WAN port.

If I exec ping <gateway> I get an expected response.

But when I exec ping or exec traceroute (or any other IP beyond my gateway) the response I get is:

traceroute to (, 32 hops max, 3 probe packets per hop, 72 byte packets

 1 <localhost>  883.985 ms !H  2993.665 ms !H  2999.748 ms !H


I am troubleshooting a new WAN, so no connectivity beyond gateway is not what I need help with.

I just want to know, is it normal to receive a response from localhost?

Looking at the timing, ~ 3000ms, this would indicate a failure / timeout, but why respond with localhost instead of with just a simple Response timed out?


Hi Imei,


Thank you for the query!


I understand when you are pinging gateway you are receiving the response, however when you are pinging or traceroute to, you are seeing response from the


Could you please confirm if this is happening only for or anything on the internet.


Please share the output of the commands:
get router info routing-table details

get router info routing-table all


Thank you!



Any IP beyond the gateway causes this behaviour.


I cannot get immediate access to the device, so am unable to run your commands.

However, I checked routing (including using get router info routing-table) and I didn't see anything abnormal.\0 was destined for the gateway IP.




Check the routing, it appears there is an issue in the next-hop derivation (if you were using dynamic routing like BGP(I presume), check the next-hop or may be there is an entry in the routecache with an invalid gateway ip).


Best regards,



No, static routing.

So, are we saying, that 'exec ping' would return (localhost) if the gateway is unreachable? And would never state 'destination unreachable' or 'response timed out' ?


No, you would get destination unreachable or response time out on other conditions. Your response for traceroute indicated was !H, indicating no proper hop, so you should check the gateway IP of the route seen in the route table is valid or not.  You can post the route table, and the rtcache for better visiblity. You may also try restarting the routing, flushing the route cache or restarting the device, if you have already determined the gateway in the route table is valid.


Best regards,


Esteemed Contributor II

The first hop with is your gateway device, not your FGT itself. If you sniff packets on the interface connected to the gateway, you would see what the gateway is returning.