Hi, I'm relatively new to FortiGate, my background is Cisco ASA, but I got convinced to FortiNet by my friend and we bought a pair of FG-501E as our main firewall. Ok,so I have a active-standby cluster. FortiOS ver. is 5.6.5
I created VDOM for my main firewall. VDOM is in NAT mode, Policy mode.
I made that VDOM management VDOM since there is the Internet uplink.
In that VDOM I created 2 zones, one inside and one outside.
OUTSIDE VLAN is basically interconnection between FortiGate and my router which goes further to ISP. OUTSIDE VLAN interface has public IP and by default should be using this IP for outgoing connections from INSIDE.
Making a ping without specifying from which interface everything looks OK.
BTW this is my default route configured statically.
I wanted to allow ICMP traffic from inside zone to Internet. So I did IPv4 Policy like this.
Also because I use Policy mode I added sort of default Central SNAT.
And now trying to ping from specific Inside Zone IP , ping doesn't work !
What I'm doing wrong ?
Maybe I shouldn't put OUTSIDE VLAN in separate zone ?
I tried without that Central SNAT entry and with it, both cases ping not going through.
I bet I miss something trivial, but I spent like 3 hours yesterday and cannot figure out what is wrong.
Looking for some help here with that "trivial" thing.
Best Regards, Jacek
