I have two Internet connection with different ip range, but I can able to access Internet with only one ip range.
Can any one guide me
Hi @Ashok-1234,
Can you make sure you have default routes for both ISP? Are you using SDWAN? Are you able to ping the default gateway?
Regards,
Hi,
Default routes are set for both ISP. We are not using SDWAN. I am unable to ping the default gateway's?
Even though when one ISP is working I am unable to ping the gateway.
Please provide the output of this command "get router info routing-table database".
Regards,
Hello
The best solution is to configure SD-WAN. Try follow the steps shown below:
https://docs.fortinet.com/document/fortigate/7.4.2/administration-guide/889544/sd-wan-quick-start
There are a few different things that could cause this. First, do you have a policy that permits traffic for BOTH internet interfaces (e.g. Permit LAN to ISP1 & Permit LAN to ISP2)? Second, do you have NAT enabled within those policies, assuming you're doing policy NAT? Third, do you have a static/default route for BOTH?
Also, are you trying to do any load balancing or is this an active/passive scenario? The following link provides a couple different load-balancing and failover scenarios and explains how to configure each of them. If you are attempting to load-balance, you may need to adjust the distance and priority settings on your static routes.
Also, should have said this at the top but try doing a source ping from each interface to the default gateway and make sure its reachable. (execute ping-options source <XYZ>)
Just run a CLI to see the routing table "get router info routing-table all" the see what's at the top like below. You need to have two default routes to both interface one way or the other.
fg40f-utm (root) # get router info routing-t all
Codes: K - kernel, C - connected, S - static, R - RIP, B - BGP
O - OSPF, IA - OSPF inter area
N1 - OSPF NSSA external type 1, N2 - OSPF NSSA external type 2
E1 - OSPF external type 1, E2 - OSPF external type 2
i - IS-IS, L1 - IS-IS level-1, L2 - IS-IS level-2, ia - IS-IS inter area
* - candidate default
Routing table for VRF=0
S* 0.0.0.0/0 [1/0] via x.x.x.x, ppp3, [1/20]
[1/0] via y.y.y.y, a, [1/1]
<snip>
Toshi
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1737 | |
1108 | |
752 | |
447 | |
240 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.