Fortinet Forum
rinvn
New Contributor II

FortiGate VM cannot ping VLAN IP

Hi guys, I am a networking beginner.

I installed FortiGate VM (license imported) in my ESXi 7 environment.

I enabled Multi VDOM and configured port2's interfaces as below:

 port2:vdom root:Physical Interface:10.0.1.100/255.255.255.0

    port2:vdom vdom-01:vlan 101 :10.0.1.99/255.255.255.0

From the Windows virtual machine, I can ping 10.0.1.100.

I did configure vSwitch tag 101 but cannot ping 10.0.1.99.

Can you give me some advice?

 


 

seshuganesh
Staff

Hi Team,

 

When you are pinging 10.0.1.99, can you run the sniffer on the firewall by executing the command below:

diag sniffer packet any 'host 10.0.1.99 and icmp' 4 0 a

Then try to ping from the machine and kindly share the logs with us.

rinvn
New Contributor II

Thank you for your reply !

 

>diag sniffer packet any 'host 10.0.1.99 and icmp' 4 0 a

I executed this command, but it seems like the ICMP packets cannot be reached.

I have not set any static routing yet, because I think it is about L2 traffic.

My goal is testing some FortiGate functions privately, so only a vSwitch port group is being used.

 


seshuganesh

Seems like traffic is not reaching the firewall. It would be better if you can check in the internal network whether something is blocking it or rerouting it to some other device.

rinvn
New Contributor II

Thank you.

I have not configured any routing yet. I will try to route to another virtual switch instead of the VMware vSwitch only!

At this time, only one VMware standard vSwitch and one port group are being used. The FortiGate VM's port2 and the Windows virtual machine's NIC are on this port group.