Hey,
One of my computeer with IP 10.10.11.152 got ping timeout to its gateway fortigate firewall internal interface with IP 10.10.11.1. How ever other servers on the subnet like 10.10.11.150 can ping 10.10.11.1. When I did ping capture on the firewall, I can see the following outputs. The replied packets are not going through internal inteface, but from root interface, but I have never created any interface called root. It's so confusing. Anyone has ever seen this crazy behavior before. Any solution to fix this issue? thank you
# diagnose sniffer packet any "host 10.10.11.1 and icmp" 4
5.779616 internal in 10.10.11.152 -> 10.10.11.1: icmp: echo request
5.779668 root out 10.10.11.1 -> 10.10.11.152: icmp: echo reply
5.779678 root in 10.10.11.1 -> 10.10.11.152: icmp: echo reply
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Hi,
The configuration on the device is not understood. Please gather the output of below commands for checking the behavior,
show sys settings
show sys global
show firewall ippool
show firewall vip
show router policy
get router info routing-table all
And you may run debug flow as detailed here Troubleshooting Tip: First steps to troubleshoot c... - Fortinet Community to understand the behavior better.
Best regards,
Jin
Hi Edison,
Thank you for the query!
From the query, I understand you are not able to ping the firewall IP from one specific user machine.
Could you please confirm if you are seeing 10.10.11.0/24 route on the Internal interface.
Please share the output of the command:
get router info routing-table details 10.10.11.152
Also please share the below debugs:
di de reset
di de flow filter addr 10.10.11.152
di de flow filter proto 1
di de fl sho ip en
di de fl trace start 1000
di de en
Once you run the above commands in firewall cli, please try to ping firewall ip from 10.10.11.152, once it is finished, please stop the debug using:
di de di
di de reset
Hello
i have the same Issue with my fortigate
8:38:58.553652 TRANSPORT in 10.136.100.1 -> 10.143.155.1: icmp: echo request
2024-05-24 18:38:58.553764 root out 10.143.155.1 -> 10.136.100.1: icmp: echo reply
2024-05-24 18:38:58.553771 root in 10.143.155.1 -> 10.136.100.1: icmp: echo reply
did you find solution for that ? thank you
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1720 | |
1094 | |
752 | |
447 | |
234 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.