Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
sasad000
New Contributor

Created on ‎07-31-2017 09:35 PM

Second ip for wireless

i all,

 

I added second IP address on internal interface (FortiGate 60C). I have also enabled second DHCP, Static Route, and Firewall policy.

The main IP address gateway is 192.168.1.10 The second IP address gateway is 192.168.11.1/24    (DHCP: 192.168.11.100-200)

 

Testing on wireless access,  can get the second dhcp ip, buy why  no internet connect.

THX

 

 

 

 

 

 

 

 

Firewall policy:

4833
0 Kudos
5 REPLIES 5
oheigl
Contributor II

Created on ‎08-01-2017 12:40 AM

Can you post the full output of your policy? Maybe you forgot to activate source NAT in it, that's usually the problem in this case 

2231
0 Kudos
sasad000
New Contributor
In response to oheigl

Created on ‎08-01-2017 07:43 AM

oheigl wrote:

Can you post the full output of your policy? Maybe you forgot to activate source NAT in it, that's usually the problem in this case 

Thx for reply,

You mean  "Router"--> Static --> "Policy Route"   ????   I did not add any thing =.=

 

 

Incoming Interface  is set "wireless"  ?

Destination  Interface is "Internal"  ?

 

what should i set "protocol"  and outgoing interface and gateway.

 

thx

 

 

2231
0 Kudos
sasad000
New Contributor
In response to oheigl

Created on ‎08-02-2017 06:36 PM

oheigl wrote:

Can you post the full output of your policy? Maybe you forgot to activate source NAT in it, that's usually the problem in this case 

Tried add policy route also not work

 

2231
0 Kudos
MikePruett
Valued Contributor
In response to sasad000

Created on ‎08-02-2017 07:08 PM

We can't see the policy (rule to allow the traffic). The text is too small. Can you show us the full policy you have configured.

 

You don't need a policy route. The device will use the default route out the internet port for all internal sources and it should flow as long as policy supports the traffic and there is NAT enabled.

Mike Pruett

Fortinet GURU | Fortinet Training Videos

Mike Pruett Fortinet GURU | Fortinet Training Videos
2231
0 Kudos
sasad000
New Contributor
In response to MikePruett

Created on ‎08-02-2017 08:18 PM

MikePruett wrote:

We can't see the policy (rule to allow the traffic). The text is too small. Can you show us the full policy you have configured.

 

You don't need a policy route. The device will use the default route out the internet port for all internal sources and it should flow as long as policy supports the traffic and there is NAT enabled.

Thx for reply, i hv set  

"Wireless" to "wan" ACCEPT ANY

"wan" to "Wireless" ACCEPT ANY

 

 

 

2231
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.