Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
gianlucats
New Contributor III

Created on ‎05-31-2024 12:36 PM

Two lan, one wan

Hi, I'm new in Fortinet world.

I have set two lan on two different ports on my Fortigate 60s ,v7.2.8 build1639 (192.168.1.x and 192.168.21.x). But one of them is not able to go in internet. How have I to set the correct gateway on wan1, wich works for one of them?

Thank you a lot

 

Labels:
1340
0 Kudos
3 Solutions
hbac
Staff
Staff
In response to gianlucats

Created on ‎06-01-2024 06:42 AM

Hi @gianlucats,

 

I believe Toshi is referring to Firewall Policy. If one lan can get to the Internet, it means wan connection is working. You just need to make sure you have firewall policies to allow outbound traffic from both lan.

 

Regards, 

View solution in original post

1226
Toshi_Esumi
SuperUser
SuperUser
In response to TE

Created on ‎06-01-2024 11:19 AM

somehow I logged on with a different profile. That @TE is me.

Toshi

View solution in original post

1189
Mrinmoy
Staff
Staff

Created on ‎06-01-2024 11:21 AM

Can you please share the firewall policy of your firewall for those 2 interfaces (Working vs non-working)?

Mrinmoy Purkayastha

View solution in original post

1186
9 REPLIES 9
Mrinmoy
Staff
Staff

Created on ‎05-31-2024 02:17 PM

1. For WAN gateway your ISP shoudl provide you the WAN IP/ Subnet and gateway.

2. You can configure a default route as 

 

Satic route.JPG

config router static
edit 1
set gateway IP_From_ISP
set device "YOUR_WAN_PORT (May be wan1 for 60e)"
next
end

 

3. Finally you need 2 firewall policies from your 2 LAN interfaces to the WAN port

https://docs.fortinet.com/document/fortigate/7.0.0/ngfw-deployment/99015/initial-setup

Mrinmoy Purkayastha
1316
gianlucats
New Contributor III
In response to Mrinmoy

Created on ‎06-01-2024 04:27 AM

I' ve not given all the infomation to you: on wan 1 there is a modem/router giving access to internet (192.168.123.254), sorry. 

Thank you for be patient with a newbie :)Screenshot 2024-06-01 132559.pngScreenshot 2024-06-01 132459.png

1237
0 Kudos
Toshi_Esumi
SuperUser
SuperUser

Created on ‎05-31-2024 02:24 PM

If you have only one circuit on the FG60x and one LAN can get out to the internet, the circuit and the routing/gateway configuration is fine.
Most likely a proper policy doesn't exist for the second LAN.
Please share us your policies if possible.

Toshi

1313
gianlucats
New Contributor III
In response to Toshi_Esumi

Created on ‎06-01-2024 04:28 AM

Hi, thank you for answer.

Here you have

Screenshot 2024-06-01 132559.png

1236
0 Kudos
hbac
Staff
Staff
In response to gianlucats

Created on ‎06-01-2024 06:42 AM

Hi @gianlucats,

 

I believe Toshi is referring to Firewall Policy. If one lan can get to the Internet, it means wan connection is working. You just need to make sure you have firewall policies to allow outbound traffic from both lan.

 

Regards, 

1227
TE
New Contributor
In response to hbac

Created on ‎06-01-2024 11:16 AM

Yes. One menu above "Firewall Policy".

Toshi

1192
Toshi_Esumi
SuperUser
SuperUser
In response to TE

Created on ‎06-01-2024 11:19 AM

somehow I logged on with a different profile. That @TE is me.

Toshi

1190
Mrinmoy
Staff
Staff

Created on ‎06-01-2024 11:21 AM

Can you please share the firewall policy of your firewall for those 2 interfaces (Working vs non-working)?

Mrinmoy Purkayastha
1187
gianlucats
New Contributor III
In response to Mrinmoy

Created on ‎06-02-2024 11:25 PM

Thank you a lot guys.

I'm coming back home from work trip tonite and I'll try solutions. I keep you update!

 

1108
0 Kudos
Announcements

Select Forum Responses to become Knowledge Articles!

Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.

Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.