Hi All,
I just got my new FortiGate 100F firewall and would like to use it as part of routing capabilities. I'm trying a simple network setup such as physical port 1 is 192.168.1.1/24, port 2 is 192.168.2.1/24 & port 3 is 192.168.3.1/24. I have a PC connected under the port 1 branch with an IP of 192.168.1.10 and the gateway pointing towards 192.168.1.1. The PC was able to ping and reach the firewall's port 2 and port 3 IP addresses; however, it was NOT able to reach the devices under port 2 and port 3, for example 192.168.2.10 & 192.168.3.10.
- I've allowed all policy between src and destination between these ports.
- Under network static routes, I have added a 192.168.1.x/24 route to gateway 192.168.2.1.
Any 2 cents and suggestions on the issue will be very much appreciated.
Hi,
You don't need any route definitions here, as all these networks should be listed as connected networks on the firewall. Is the host 192.168.2.10 able to ping 192.168.1.1? Could you list the output of the commands below:
#get router info routing-table all
#get sys arp
#diag sniffer packet any 'host 192.168.2.10 and (icmp or arp)' 4 0 l
After issuing the last command, ping to 192.168.2.10 from 192.168.1.10 so that traffic is recorded in the capture.
Best regards,
Jin
First, I want to confirm you removed all port1, 2 and 3 out of the default "lan" VLAN switch. Right? I believe you did. Otherwise, you wouldn't be able to configure 192.168.1.1/24 on port1. But just wanted to make sure.
Then, I would just sniff ping packets like
"diag sniffer packet any 'host 192.168.2.10' 4 0 l"
when you ping from 1.10 to 2.10. You should be able to see ping requests come in at port1 and go out to port2. Then if successful, ping responses come back from port2 then go out to port1. So you can see where the breaking point is.
Toshi
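
The check described in the reply above, as an added example that is not part of the original thread: it reads saved sniffer output and reports the first of the four expected ping hops that is missing. The line layout matched by the regex, the name `find_break`, the hint texts and the sample capture are assumptions constructed for illustration.

```python
import re

# Assumed layout of a verbosity-4 sniffer line (adjust if your output differs):
#   <timestamp> <interface> <in|out> <src> -> <dst>: icmp: echo request|reply
LINE = re.compile(
    r"^\S+\s+(?P<intf>\S+)\s+(?P<dir>in|out)\s+(?P<src>\d+(?:\.\d+){3})\s+->\s+"
    r"(?P<dst>\d+(?:\.\d+){3}):\s+icmp:\s+echo\s+(?P<kind>request|reply)"
)

# The four hops a successful ping through the firewall must show, in order.
STAGES = [
    ("request", "in", "firewall never saw the request: check the client's gateway and cabling"),
    ("request", "out", "request came in but was not forwarded: check policy and routing table"),
    ("reply", "in", "target did not answer: check the target's gateway and host firewall"),
    ("reply", "out", "reply came in but was not forwarded back to the client"),
]

def find_break(capture, client, target):
    """Return (missing_stage, hint); missing_stage is None when all hops appear."""
    seen = set()
    for line in capture.splitlines():
        m = LINE.match(line.strip())
        if not m:
            continue  # ARP lines, banners and anything else are ignored
        # Requests flow client -> target, replies flow target -> client.
        expected = (client, target) if m["kind"] == "request" else (target, client)
        if (m["src"], m["dst"]) == expected:
            seen.add((m["kind"], m["dir"]))
    for kind, direction, hint in STAGES:
        if (kind, direction) not in seen:
            return (kind, direction), hint
    return None, "request and reply both crossed the firewall"

# Constructed sample: the request leaves port2 but no reply ever returns.
SAMPLE_NO_REPLY = """\
1.001200 port1 in 192.168.1.10 -> 192.168.2.10: icmp: echo request
1.001350 port2 out 192.168.1.10 -> 192.168.2.10: icmp: echo request
2.003100 port1 in 192.168.1.10 -> 192.168.2.10: icmp: echo request
2.003240 port2 out 192.168.1.10 -> 192.168.2.10: icmp: echo request
"""

if __name__ == "__main__":
    stage, hint = find_break(SAMPLE_NO_REPLY, "192.168.1.10", "192.168.2.10")
    print(stage, "-", hint)
```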