st3rling
New Contributor

Transit vlan from Nexus to Fortigate

Hello,
We have a Nexus switch 5548 connected to a FortiGate 100D via a regular trunk port. All inter-VLAN routing will be done on the Nexus switch, and there is also a transit VLAN between the Nexus and the FortiGate that will carry the other VLANs for internet access. Right now I can access the internet from the Nexus from transit VLAN 254 but am unable to from other VLANs. What am I missing? I've attached configs from both devices.
Thank you in advance!

Fortigate config: https://drive.google.com/file/d/1W_GrNUxOCHpK5YIoU3JtxavXwc9hginL/view?usp=sharing

Nexus config: https://drive.google.com/file/d/1wVegIRtnjyKz6cd_yw5SJcY-C3FFrzC1/view?usp=sharing

(sorry, couldn't figure out how to attach files directly here)

dbhavsar
Staff

Hello @st3rling ,

- From one of the machines behind the VLAN, try to ping 8.8.8.8, run the following debugs on the FortiGate, and update the thread:

di de reset
diagnose debug flow filter addr <source-ip> 8.8.8.8 and
diagnose debug flow filter proto 1
diagnose debug flow show function enable
diagnose debug console timestamp enable
diagnose debug flow show iprope enable
diagnose debug flow trace start 99
diagnose debug enable

DNB