[style="vertical-align: inherit;"][style="vertical-align: inherit;"]Translated by Bing:[/style][/style]
[style="vertical-align: inherit;"][style="vertical-align: inherit;"]I have a FortiWifi 61E with the firmware v 6.0.2 and connected the Fortigate to the WAN for Internet access (the Fortigate has internet Access) and LAN connected a laptop computer. From the LAN I can not access the internet, I have everything well configured but in the policies of IPv4, which comes by default, denying everything seems to be the one that is taking away the Internet access. I've created two policies that are up and say they accept all the traffic coming from my LAN to the Internet. In origin, is a group that I created with the IP of my internal network and the destination is an address I created pointing to the IP range that is the router, which is different from the Intranet. Do you know what the problem is that it does not navigate on the laptop? The laptop says it has Internet access because the Internet icon shows Internet access, It doesn't seem to be limited.[/style][/style]
[style="vertical-align: inherit;"][style="vertical-align: inherit;"]Original text:[/style][/style]
[style="vertical-align: inherit;"][style="vertical-align: inherit;"]Tengo un FortiWifi 61E con el firmware v6.0.2 y conecté el Fortigate a la WAN para el acceso a Internet (el fortigate tiene acceso a Internet) y por LAN conecté una computadora portátil.[/style][/style]
[style="vertical-align: inherit;"][style="vertical-align: inherit;"]Desde la LAN no puedo acceder a Internet, tengo todo bien configurado pero en las Políticas de IPv4, la que viene por defecto, negando todo parece ser la que me está quitando el acceso a Internet.[/style][/style]
[style="vertical-align: inherit;"][style="vertical-align: inherit;"]He creado dos políticas que están arriba y dicen que aceptan todo el tráfico que viene de mi LAN a Internet. [/style][/style] [style="vertical-align: inherit;"][style="vertical-align: inherit;"]En origen, es un grupo que creé con la IP de mi red interna y el destino es una dirección que creé apuntando al rango de IP que es el enrutador, que es diferente de la intranet.[/style][/style]
[style="vertical-align: inherit;"][style="vertical-align: inherit;"]¿Sabes cuál puede ser el problema que no navega en la computadora portátil?[/style][/style]
[style="vertical-align: inherit;"][style="vertical-align: inherit;"]La computadora portátil dice que tiene acceso a Internet ya que el ícono de Internet muestra acceso a Internet, no parece estar limitado.[/style][/style]
Did you enable NAT on the outbount internet policy?
It should be:
Source-Interface: your LAN
Destination-Interface: your WAN (where your internet is)
Source: your LAN Subnet
Destination: any
Service: any
NAT: enabled using ip of destination interface (DNAT)
Clients in your LAN then have to have the Fortigate (i.e. its LAN ip) as default gateway plus at least one valid dns server.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Yes, I have DNAT activated with the following configuration:
Interface: Any IP Address / External Range: 192.168.0.0 - 192.168.0.0 (Range to go online) IP address / Range IP mapped: 192.168.1.0 - 192.168.1.0 (IP of the intranet)
Optional filters: Disabled Port forwarding: disabled
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1740 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.