Fortinet Community

yancha67 · ‎03-10-2023

We adopted a Fortiswitch via the Fortilink and created a VLAN, the VLAN is untagged on the switch port and connected a PC

I can ping from the machine to the Fortigate which is the gateway for that VLAN but I can't ping from the FortiGate to the machine. I also turned DHCP on that VLAN and the PC got an IP but could not ping from the FortiGate also.

I am missing something stupid probably, but can't figure it out.

Thanks for the help in advance

10.0.0.0.1 192.168.1.254

asengar · ‎03-10-2023

Hi Yancha,

Can you share the output of below command to verify if packet is sent out from Firewall

dia sniffer packet any 'host x.x.x.x' 4 0 a
where x.x.x.x is the IP address of the PC connected behind the fortiswitch

collect the logs while pinging from the PC to FGT and FGT to PC

Thanks

akanibek · ‎03-10-2023

I think on Windows workstation, ICMP-in is blocked on its Windows Firewall. Could you check it?

https://activedirectorypro.com/allow-ping-windows-firewall/

Asset

PatrikS · ‎03-17-2023

When U ping from a Fortigate U ping from Fortigate default interface probably not the vlan interface.
And U dont have a role for allowing ping between the nets.
U have to set what interface U ping from. with cli :
execute ping-options interface 192.168.1.254
<string> Auto | <outgoing interface>.
Set the Vlan interface on FGT as outgoing and try to ping

Fortinet Community

Can't ping from FortiGate to client connected to FortiSwitch