Fortinet Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
KrisK
New Contributor

Troubleshooting Fortigate Lack of Ping Response (ICMP)

FortiGate 

 

Is there a way to see why a Fortigate will not send an ICMP response?

 

I have a batch of Fortigate 80Es with the same configuration template.

 

Some of the Fortigates will stop responding to ping responses back to the switch (connected to a 2000E). The ping goes from my switch and the destination is the 80E loopback IP. The ICMP request does arrive on the Fortigate.

 

I am using the command below on the CLI of the 80E to troubleshoot the ping failures. 

diag sniffer packet any 'icmp' 4

 

I can see the ICMP requests come in. Most of the Fortigates will send an ICMP reply back and the test passes. There are a few Fortigates that simply do not send an ICMP reply. I don't see a difference between the two different Fortigates that behave differently.

 

Is there a way to see why a Fortigate will not send an ICMP response?

 

1 Solution
Toshi_Esumi
Esteemed Contributor II
1 REPLY 1
Toshi_Esumi
Esteemed Contributor II

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-First-steps-to-troubleshoot-connecti...

 

Try Step 4: Debug flow.

That would show you what it's ignored or dropped.

 

Toshi