Fortinet Forum
pietro_coletta
New Contributor

Internal routing problem

Hello to everyone,

I'm managing a Fortigate 500E (firmware v5.4.8,build4108 (GA)).

Port7 has been connected to a switch and "multiplied" using VLANs.

The subinterface "Telecontrollo" is connected to a subnet that contains only a PC reachable via RDP and HTTP.

I created, without any trouble, all the rules necessary for the PC to be reachable from the internet via public IP and VPN.

The strangest thing is that policy #135, the simplest of them all, which should permit the traffic from the LAN to the Telecontrollo subnet, doesn't work. I debugged the packets' path on the firewall and they are sent to the WAN interface (port2) instead of port7, even though the routing is properly set.

Any ideas will be appreciated :D

Bye.

Pietro

lobstercreed

I agree with Ede, it is possible that your static route is actually the source of your problems since your gateway is 0.0.0.0.

In any case, you should remove all static and policy routes related to the telecontrollo interface and let the connected route do its thing. You'll see the route under Monitor -> Routing Monitor.