How do i set a IP Pool address in FortiOS 7.2.10 as a local address in a 120G?
120G considers them as a external address.
Thanks in advance
No. This is the way for IP pool to work for SNAT. DHCP's pools are configured under
config system dhcp server
Not in a policy.
Toshi
all tested at 80G
Now, i created a VLAN5 172.17.5.0/24 with interface IP 172.17.5.1.
I created a new rule 'VLAN5', allow traffic from internal to VLAN5 with source/destination and can ping the VLAN5 interface 172.17.5.1 from internal if enabled.
Now i create a SNAP IP Pool 172.17.5.2 and use this as a NAT / SNAT IP in rule 'VLAN5'.
From the earlier information, I should be able to reach the IP pool address 172.17.5.2 from the internal lan via icmp.
But that doesn't work either.
Created on 11-06-2024 03:41 PM Edited on 11-06-2024 03:42 PM
I was thinking I would have to test it myself to confirm. But I found an old discussion about "pining ippool IP".
https://community.fortinet.com/t5/Support-Forum/ping-restriction-to-IP/td-p/22013
ippool IP is generally not attached to any interface (just SNAT IP) you wouldn't be able to ping unless that specific IP is mapped to something more tangible, like VIPed (mapped) to a physical device with a different policy on opposite direction.
Tosh
Thanks for the information.
Currently only the 80F model replies on a internal ping to a IP Pool address and the 120g doesn´t.
Yesterday i configured a VLAN with the IP Range i need and added a second IP address to this VLAN. From the other side of the s2s tunnel i am able to ping this second IP address and monitor the tunnel. Even if ithe VLAN is not connected to any interface right now.
This seems to work fine.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.