Internet connectivity issue at the pc connected to my LAN interface despite policy rules configured

BKR · ‎10-08-2024

I can't access internet from my pc that is in the same subnet as the LAN port,

Firewall policies are created (LAN-WAN) dst lan port address / src all, and (WAN-LAN).

BKR

AEK · ‎10-08-2024

Hello BKR

You can start by enabling all traffic logging on the related policy, then check in traffic log if your traffic is being allowed or blocked.

AEK

bkrishnan · ‎10-15-2024

Hi
Please provide the below information;
CLI 1:

# diagnose debug flow filter addr x.x.x.x<------- Destination address

# diagnose debug flow show function-name enable
# diagnose debug flow show iprope enable
# diagnose debug flow trace start 100
# diagnose debug enable
Initiate ping from the PC to Internet (Eg: 8.8.8.8)
# diagnose debug disable <------------ Run this command to disable debug

CLI 2:
# diagnose sniffer packet any "host < destination IP >" 4 0 1

rahul_p1 · ‎10-15-2024

Hi,

Please check in logs if you see any log for your PC IP?

Please check the firewall policy to see if you have correctly configured it. https://docs.fortinet.com/document/fortigate/7.6.0/administration-guide/656084/firewall-policy

Are you using SD-WAN?

Please share the debug flow logs here.

arahman · ‎10-16-2024

Hi also try doing the pcap on the lan interface for any traffic filter for that source ip to see if you are seeing any traffic coming on fortigate, and try ping to lan interface ip as well to see it is able to communicate to lan. and try the ping from fortigate to that device as well to see if it is connecting from fortigate, if the device is wndows make sure to disable firewall on that pc before trying to ping to it

Internet connectivity issue at the pc connected to my LAN interface despite policy rules configured

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website