Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
cetia
New Contributor

Fortigate Interface Gateway Unable to Ping

Hello,

 

I created a new interface in Firewall. Although ICMP is allowaccess at Interface; clients cannot ping the gateway address.

 

 

When I create debug in Firewall; I see it was dropped because it didn't match the rule. Normally there is no need to have a rule for the client to ping the gateway address. Where could the problem be?

 

id=20085 trace_id=1155 func=print_pkt_detail line=4915 msg="vd-LOCAL received a packet(proto=1, 10.100.17.11:19760->10.100.17.1:2048) from Server-MNG. type=8, code=0, id=19760, seq=486." id=20085 trace_id=1155 func=init_ip_session_common line=5062 msg="allocate a new session-0f73a6b8" id=20085 trace_id=1155 func=fw_local_in_handler line=392 msg="iprope_in_check() check failed on policy 0, drop"

 

1 Solution
marchand
New Contributor III

4 REPLIES 4
emnoc
Esteemed Contributor III

Is "10.100.17.1" the  FortiGate address? I can't see your picture fwiw

 

Ken Felix

PCNSE 

NSE 

StrongSwan  

PCNSE NSE StrongSwan
cetia
New Contributor

Yes, 10.100.17.1 is Fortigate interface ip

 

edit "Server-MNG" set vdom "LOCAL". set ip 10.100.17.1 255.255.255.0 set allowaccess ping https ssh set snmp-index 168 end set interface "port10" set vlanid 117

 

Thank you,

marchand
New Contributor III

cetia
New Contributor

Hi marchand,

 

The second case in the link you posted solved my problem. Thanks a lot.

 

config system admin edit "admin" set remote-auth enable set trusthost3 10.100.17.0 255.255.255.0 set accprofile "super_admin" set vdom "LOCAL" next end

Labels
Top Kudoed Authors