- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
I am experiencing a loss of ICMP sessions when I attempt to ping through the IPsec tunnel.
hello guys
I have established a site-to-site (S2S) tunnel with two FortiGate firewalls, and this is my topology.
then the tunnel work but no perfectly it can ping juste from the interface of the lan to the other lan interface (and vise verca) (exmple : ping from 192.168.1.1 to 10.0.0.1 it works but if we want to ping from the to the other host the ping issue )
after some time of troubleshooting i find out that the icmp session losed in evry icmp request
so guys what is the solution for this problem please !
- « Previous
- Next »
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
@smaruvala here an other test that i have done also
i try to ping from the lan interface of the fortugate FW-A (192.168.1.1) to the host 10.0.0.2 to ensure that the packet will arrived to FW-A because when we try to ping from lan interface to the other lan interface of the frotigate the ping work and pass throw the tunnel (192.168.1.1 to 10.0.0.1)
so write in the terminal of the FW-A like this
FW-A # execute ping-options source 192.168.1.1
FW-A # execute ping 10.0.0.2
PING 10.0.0.2 (10.0.0.2): 56 data bytes
--- 10.0.0.2 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss
so this snapshot was taked in fortigate FW-B to capture the packet arrived
here we can say that from the FW-B he can't find a route to the host or what ????
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
also i disabled windows firewall to allow ping
- « Previous
- Next »