That's understood... But I am checking with you: if you upgrade the working FortiGate following the upgrade paths, are you seeing the same behavior? Also, if the issue persists, could you fetch the debug flow commands posted in my initial response? I am eager to see what policy ID it is matching, among other info as well.
Hooked an old HP ProCurve 2524 to it and created VID 100 and 200 on it and made one port untagged in 100 and one untagged in 200 on it.
Created both VLANs on a port of the FGT. Created policies and services for ping as there are none per default and it works fine.
Maybe in 6.4.9 there still is a working factory ping service one can choose in a policy which does not exist in 7.x anymore?
Basically you need two services for ping:
ICMP Echo (ICMP Protocol #8 with no code)
ICMP Echo Reply (ICMP Protocol #0 with no code)
With adding both to the policies I can ping from my laptop, which is on the 2524 on the port untagged in VLAN 100, to the rpi400, which is on the 2524 on the port in VLAN 200, and vice versa. I can also ping the FGT in both VLANs from both VLANs.
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
Hi, did you have any update? I reached this board looking for a similar issue. What we noticed is that it only happens with ICMP; TCP and UDP are routed fine, but it is impossible to reach the hosts with ping. We also have FortiOS 7.x on a stack with FortiSwitches. Any idea?