Internet data not passing from firewall

gobinda · ‎04-29-2024

Hi, I need help to configure my FortiGate 60F. We got an Internet Connection with static ipÂ´s. When I connect the ISP to the WAN1 Port I canÂ´t establish an internet connection. In the Firewall policy for test reasons i got one rule allowing all. But itÂ´s not working. In the Routing section i got an rule with 0.0.0.0 and xxxx.xxxx.xxxx.xxxx as gateway. i'm trying to ping 8.8.8.8 from fortigate CLI console but it's showing not reachble 100% packet lose. Where´s my fault?

dbu · ‎04-29-2024

HI @gobinda ,

Can you ping the default gateway (ISP IP) ?
Have you enabled NAT on the policy ?

Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.

gobinda · ‎04-29-2024

Hi @dbu

i have tried to ping default gateway(ISP) but it's not heppening. 100% packet lose.

and I have enable NAT on policy.

But till internet is not passing..

dbu · ‎04-30-2024

It looks like a routing issue.
Verify one more time the configs:

Routing:

config router static
edit 1
set gateway 10.x.x.x. >>> replace with the ISP IP address on the other side of the link.
set device "port1"
next
end

Make sure PING is enabled on the interface :
config system interface
edit "port1"
set allowaccess ping
next
end

Firewll policy

From inside LAN to outside interface (wan toward the ISP) with NAT enabled (Use outgoing interface address)

Regards!
If you have found a solution, please like and accept it to make it easily accessible for others.

hbac · ‎04-30-2024

Hi @gobinda,

If you can't ping the default gateway, it is a layer 2 issue. You can check the arp table by running 'get system arp', do you see an arp entry for the default gateway? You can also run sniffer on wan1 'di sniffer packet wan1 'none' 4 0 l'

Regards.

Internet data not passing from firewall

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website