Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
LGPC
New Contributor

Created on ‎11-05-2014 07:06 AM

Internet access configuration

Hey guys,

 

got a little problem. I use my Fortigate now in NAT mode, and I want to go to the Internet from the LAN interface.

In the DNS settings I entered 10.0.0.138 (which is my DSL modem) In DHCP I configured 10.0.1.1 as Gateway and range 10.0.1.2-.99. The lan interface has the ip 10.0.1.1 and my Interface where I connectet the modem has 10.0.0.99. I createt a policy: source: lan adress: all destiantion: wan adress: all protocoll: any NAT: on

But I cant connect to the Internet. I can only connect to 10.0.0.138. Do I use the wrong DNS server or has anyone a idea whats wrong?

 

-thanks

4360
0 Kudos
1 Solution
Dave_Hall
Honored Contributor

Created on ‎11-05-2014 09:23 AM

If you have your Fortigate's "WAN" connection configure for DHCP, check the "Retrieve default gateway from server" option.  If the WAN connection is set statically, you need to create a static route (Destination IP/Mask 0.0.0.0/0.0.0.0, set to your WAN interface and use a gateway IP set to your DSL modem or IP address that was provided by your ISP).

 

For troubleshooting, you can use "exec ping <IP address>" and "exec traceroute <IP address>" from the CLI.  For DNS related issues, try using Google's 8.8.8.8.  Check the router monitor to confirm the routes are setup.  Also verify your varlous network subnet masks set correctly.

 

Personally, if it is all possible, I would see able putting the DSL modem into bridge mode so it would hand out a public IP address to the Fortigate.

 

 

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

View solution in original post

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
2531
0 Kudos
2 REPLIES 2
Dave_Hall
Honored Contributor

Created on ‎11-05-2014 09:23 AM

If you have your Fortigate's "WAN" connection configure for DHCP, check the "Retrieve default gateway from server" option.  If the WAN connection is set statically, you need to create a static route (Destination IP/Mask 0.0.0.0/0.0.0.0, set to your WAN interface and use a gateway IP set to your DSL modem or IP address that was provided by your ISP).

 

For troubleshooting, you can use "exec ping <IP address>" and "exec traceroute <IP address>" from the CLI.  For DNS related issues, try using Google's 8.8.8.8.  Check the router monitor to confirm the routes are setup.  Also verify your varlous network subnet masks set correctly.

 

Personally, if it is all possible, I would see able putting the DSL modem into bridge mode so it would hand out a public IP address to the Fortigate.

 

 

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C

NSE4/FMG-VM64/FortiAnalyzer-VM/6.0 (FWF30E/FW92D/FGT200D/FGT101E/FGT81E)/ FAP220B/221C
2532
0 Kudos
LGPC
New Contributor

Created on ‎11-05-2014 09:37 AM

Thanks a lot!

My static route was not correct. I did a new one like your example and now it works perfectly!

 

2497
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.