Fortigate not responding to specific IP but can ping it

Whiteoaks · ‎04-14-2025

Hi,

I'm sure this is something I'm overlooking but it does have me a little confused. My Fortigates are still in a lab setting set to roll out to production in the coming weeks.

Currently I have two Fortigates with private IP on WAN ports

192.168.2.1 Fortigate - > Cisco Switch 192.168.2.2

192.168.6.1 Fortigate -> Cisco Switch 192.168.6.2

192.168.2.1 can ping 192.168.6.1

192.168.6.1 cannot ping 192.168.2.1 but 192.168.6.2 can ping this IP.

Monitoring the interface on the 192.168.2.1 firewall. When everything other than 192.168.6.1 pings - it sends responses. When 192.168.6.1 pings - it receives the pings but does not reply.

Anything (obivous) I may be overlooking here? I don't see any SD-wan rules or policy routes that would apply... Any suggestions with debug commands I can use would also be appreciated.

Thank you,

Toshi_Esumi · ‎04-14-2025

Just run a flow debug at the 192.168.2.1 FGT then ping from 192.168.6.1 to see why the 2.1 FGT is dropping/ignoring the ping from the 6.1.
https://gist.github.com/githubfoam/9fd14cfdd8323a68cf99462eb413cc72

Toshi

View solution in original post

Toshi_Esumi · ‎04-14-2025

Just run a flow debug at the 192.168.2.1 FGT then ping from 192.168.6.1 to see why the 2.1 FGT is dropping/ignoring the ping from the 6.1.
https://gist.github.com/githubfoam/9fd14cfdd8323a68cf99462eb413cc72

Toshi

Whiteoaks · ‎04-14-2025

Sorry for this post... I am an idiot - or just over worked this past month. I changed the IP of the one Fortigate to 192.168.6.4 and it worked... I pinged 192.168.6.1 and it was working .... long story short I noticed an interface on this device already had that range assigned.. We've been making a lot of changes and testing so should have been noticed. Appreciate the debug command and help though.

Fortigate not responding to specific IP but can ping it

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website