thanks to my new configuration I ping 126.96.36.199 and 188.8.131.52 !!
but I can't access the google web page....I can't access any web page...
Can you help me please ?
I would recommend to collect debug flow and traffic sniffer while issue is reproduced:
diagnose debug flow show function-name enable diagnose debug flow filter daddr <destination IP address>
diagnose debug flow trace start
diagnose debug enable
diagnose sniffer packet any 'host <destination IP address>' 6 0 a
Can you exec ping www.google.com or exec traceroute www.google.com to verify if DNS resolve works?
Alternatively you can also add the DNS widget to your FortiGate WebUI Dashboard:
I understand you are able to ping 184.108.40.206 and 220.127.116.11, however could you confirm if you are pinging the IPs from the firewall or user machine?
If you are doing the successful pings from the firewall, could you please check:
+ If you are able to do the same from the user machine?
+ If you are not able to ping 18.104.22.168 from the user machine, please check if policy is in place and if you have NAT enabled in the policy.
+ If you are able to ping 22.214.171.124 from the user machine but not able to access the google webpage, could you please check what is the DNS configured on the user machines?
+ Is it public DNS or any private DNS from your network? <<< if it is public DNS, please try to remove all the UTM profiles if you have any in the policy and test.
+ If it is private DNS from your network, are you able to ping the DNS? Are you seeing the nslookup successfully happening for any domain in your user machine?
>> Please confirm the above!
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2023 Fortinet, Inc. All Rights Reserved.