- Forums
- Knowledge Base
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiBridge
- FortiAuthenticator
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDDoS
- FortiDAST
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiGate Cloud
- FortiExtender
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiMonitor
- FortiManager
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecorder
- FortiRecon
- FortiSandbox
- FortiScan
- FortiSASE
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- Wireless Controller
- FortiWebCloud
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Pinging from one side
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Pinging from one side
Hi all,
I have a fortigate 50b which has the address 192.168.1.xxx which has a pc A connected to it
A wireless router is connected to the firewall with the wan address in the same range 192.168.1.xx
The lan of the wireless is 192.168.2.xxx with a pc B connected to it.
When I ping from the pc B to 192.168.1.xx, I get a response, but when pinging from PC A I ping 192.168.2.xx.
I used execute ping the firewall to ping 192.168.2.xx, but get no response.
I'm trying to see all devices which have either Ip's to see each other.
Might someone know what I am missing in the configuration of the firewall?
Thank you in advance
7 REPLIES 7
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
pls try
could you post your wireless router wan ip address (assuming 192.168.1.2)
create a static router under fortigate
Dst IP/Mask=192.168.2.0/24
Device=Internal
Gateway= 192.168.1.2 (wireless router wan ip add)
Fortigate Newbie
Fortigate Newbie
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Fullmoon,
I did create a static route, but I pointed to the wrong IP, my firewall which is in the same range as the WAN of the wireless.
I entered the ip of the WAN (192.168.1.2) of the wireless as you suggested, but still no go, also created one for viseversa
Still cannot ping 192.168.2.xx that have devices on it, from 192.168.1.xx
Krs
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
:)
192.168.1.2 was only a sample ip address.
Could you pls post your fortigate local ip and wireless router wan ip address?
Fortigate Newbie
Fortigate Newbie
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi Fullmoon,
My local ip of the fortigate is 192.168.1.11
As for the WAN of my wireless router it is 192.168.1.2 :D
The Lan is 192.168.2.1 of the wireless router.
Also tried a policy route for internal only from 192.168.1.0 to 192.168.2.0 and vise versa
Static route is just like I stated in the previous post.
krs,
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hello,
I don't think policy route is needed here.
I am assuming your network topology as:
FGT(192.168.1.11) -->> Switch or (Switch interface of FGT) -->>(192.168.1.10)PC A / (192.168.1.2)Wireless router (192.168.2.1) -->> PC-B (192.168.2.10)
You can have below :
- Static route on the Fortigate to reach 192.168.2.0 via 192.168.1.2
- Default route on the Wireless router pointing the Fortigate Internal IP (192.168.1.11)
Above should cover the routing part.
Another thing you need to take care is :
- Is the wireless router doing the NAT ? or just the routing?
- If it is doing the NAT, then static route on the FGT is not needed
- If no NAT, then verify if there is Windows Firewall on PC-A or any third party AV which could be blocking the access
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Ok, Thanks vjoshi_FTNT,
Checked on PC A and firewall is not active.
And the wireless is doing NAT.
But for some reason still can't ping from firewall it self to 192.168.2.1 (wireless ip connected directly to fortgate)
Krs,
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Vernon76 wrote:Ok, Thanks vjoshi_FTNT,
Checked on PC A and firewall is not active.
And the wireless is doing NAT.
But for some reason still can't ping from firewall it self to 192.168.2.1 (wireless ip connected directly to fortgate)
Krs,
Hello,
In your scenario, 192.168.2.1 or any address on the 192.168.2.x subnet cannot be reached directly.
- As the Wireless is doing the NAT, you can only see 192.168.1.X subnet
- Wireless router should be configured to do a one to one NAT for all the IP addresses (If all the 192.168.2.X IP addresses must be reachable for all services individually)
(OR) you can configure the Wireless router in the bridge mode
Hope that helps
Announcements
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
Related Posts
- BGP/EBGP from ISP to Fortigate HA... 309 Views
- Fortigate100F -- Does a VLAN Switch... 210 Views
- unable to ping and open local... 615 Views
- if not using DDNS, how can... 159 Views
- Warning: Got ICMP 3 (Destination Unreachable) 416 Views
Labels
-
FortiGate
7,163 -
FortiClient
1,414 -
5.2
801 -
5.4
639 -
FortiManager
620 -
FortiAnalyzer
456 -
6.0
416 -
FortiAP
376 -
FortiSwitch
373 -
5.6
362 -
FortiClient EMS
291 -
FortiMail
281 -
6.2
251 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
175 -
FortiNAC
128 -
6.4
128 -
FortiGuard
115 -
IPsec
107 -
SSL-VPN
103 -
FortiGateCloud
97 -
FortiSIEM
93 -
FortiCloud Products
89 -
FortiToken
77 -
Customer Service
71 -
Wireless Controller
65 -
4.0MR3
64 -
FortiProxy
49 -
SD-WAN
48 -
FortiADC
45 -
FortiEDR
44 -
Fortivoice
44 -
FortiDNS
39 -
FortiExtender
35 -
FortiGate v5.4
35 -
FortiAuthenticator
35 -
FortiSandbox
34 -
Firewall policy
33 -
FortiSwitch v6.4
32 -
VLAN
31 -
High Availability
31 -
DNS
24 -
FortiWAN
24 -
FortiConnect
24 -
ZTNA
23 -
BGP
21 -
FortiConverter
21 -
Certificate
20 -
SAML
19 -
FortiGate v5.2
19 -
LDAP
19 -
FortiPortal
18 -
Interface
18 -
FortiSwitch v6.2
17 -
Routing
17 -
VDOM
17 -
FortiMonitor
15 -
Authentication
15 -
FortiGate v5.0
14 -
FortiLink
14 -
Fortigate Cloud
14 -
FortiDDoS
14 -
Logging
14 -
NAT
13 -
RADIUS
12 -
FortiCASB
12 -
Application control
11 -
Web profile
11 -
Traffic shaping
10 -
Virtual IP
10 -
SSO
10 -
SSL SSH inspection
10 -
FortiRecorder
10 -
SSID
9 -
FortiWeb v5.0
9 -
FortiManager v5.0
9 -
WAN optimization
9 -
4.0MR2
9 -
IP address management - IPAM
8 -
FortiBridge
8 -
SNMP
8 -
FortiGate v4.0 MR3
8 -
OSPF
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
FortiAnalyzer v5.0
7 -
FortiAP profile
7 -
4.0
7 -
Admin
7 -
Web application firewall profile
7 -
Static route
6 -
Security profile
6 -
Proxy policy
6 -
Traffic shaping policy
6 -
Automation
6 -
IPS signature
5 -
Packet capture
5 -
DNS Filter
5 -
FortiCache
5 -
FortiManager v4.0
5 -
trunk
5 -
FortiDeceptor
4 -
FortiDirector
4 -
Web rating
4 -
Intrusion prevention
4 -
Port policy
4 -
Antivirus profile
4 -
FortiPAM
4 -
FortiCarrier
4 -
FortiTester
4 -
3.6
4 -
DLP sensor
4 -
FortiScan
4 -
Fabric connector
3 -
NAC policy
3 -
Multicast routing
3 -
System settings
3 -
FortiToken Cloud
3 -
Traffic shaping profile
3 -
Fortinet Engage Partner Program
3 -
DLP Dictionary
3 -
DLP profile
3 -
FortiDB
3 -
DoS policy
3 -
Email filter profile
3 -
FortiInsight
2 -
Netflow
2 -
Users
2 -
Protocol option
2 -
FortiAI
2 -
Application signature
2 -
FortiHypervisor
2 -
VoIP profile
2 -
Internet Service Database
2 -
Explicit proxy
2 -
4.0MR1
1 -
Multicast policy
1 -
Zone
1 -
FortiCWP
1 -
Kerberos
1 -
Subscription Renewal Policy
1 -
FortiNDR
1 -
TACACS
1 -
Replacement messages
1 -
Schedule
1 -
SDN connector
1 -
FortiManager-VM
1 -
Authentication rule and scheme
1 -
Service
1
Top Kudoed Authors
| User | Count |
|---|---|
| 1063 | |
| 889 | |
| 527 | |
| 441 | |
| 152 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.