Hi. I am practicing a simple lab in which I am using a FortiGate firewall. The topology is pasted below:
I created a policy on the firewall to allow ping from local-PC to the e0/1 interface of the router. I have configured the FortiGate interfaces and done static routing on both the firewall and the router. I also created a policy on the FortiGate to allow access, but I am still unable to ping. What can be the reason?
Most probably the issue is caused by having two default gateways.
On the PC, remove the first default gateway (192.168.44.1) and try again.
In case you need that gateway, then you will have to add a route to 10.200.2.0/24 via 10.0.1.254.
But these two gateways are on two different interfaces. Gateway 192.168.44.1 is on vnmet8 (used for GUI access of eve-ng) and 10.0.1.254 is on vmnet8 (used to access the FortiGate firewall).
The issue is the same even if the two gateways are on different interfaces.
So since you need this default gateway, just add on your PC a specific route to your destination as suggested above.
You are right, but your host might get confused with two default gateways with the same destination 0.0.0.0/0. Better add a specific route as @AEK advised.
I didn't look at the details of your schema, but when you cannot ping from your PC to the router at the far end, in most cases the routing is missing. You should create a static route on the router so that it knows which gateway to use when it wants to reach the network 10.0.1.10/24; in this case the next hop is 10.200.2.1, interface e0/1. Then on the FortiGate you must create a firewall policy to allow traffic (ping) from port2 to the internal network (port3).
It is always like that in network design.
It might be caused by the routing table on the PC itself, because it has two default gateways configured.
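Added example, not part of any post in this thread: a small Python model of the PC's route lookup (longest prefix first, then lowest metric) showing why traffic to 10.200.2.0/24 leaves via 192.168.44.1 until the specific route is added. The two gateways and the 10.200.2.0/24 route come from the replies above; the metrics and the target address 10.200.2.10 are assumptions.

```python
import ipaddress

# Constructed routing table for the PC. Gateways are taken from the thread;
# the metrics are assumed (lower metric = preferred).
PC_ROUTES = [
    ("0.0.0.0/0", "192.168.44.1", 10),   # default via the EVE-NG GUI network
    ("0.0.0.0/0", "10.0.1.254", 20),     # default via the FortiGate
]

# The specific route suggested in the replies.
SPECIFIC_ROUTE = ("10.200.2.0/24", "10.0.1.254", 1)

# Hypothetical address inside 10.200.2.0/24 standing in for the router's e0/1.
TARGET = "10.200.2.10"


def select_route(routes, dst):
    """Return (prefix, gateway, metric) used for dst, or None if no route matches.

    Selection order: longest matching prefix wins, then the lowest metric.
    """
    dst_ip = ipaddress.ip_address(dst)
    candidates = []
    for prefix, gateway, metric in routes:
        net = ipaddress.ip_network(prefix)
        if dst_ip in net:
            # Negate the metric so max() prefers the lower one.
            candidates.append((net.prefixlen, -metric, prefix, gateway, metric))
    if not candidates:
        return None
    _, _, prefix, gateway, metric = max(candidates)
    return prefix, gateway, metric


if __name__ == "__main__":
    before = select_route(PC_ROUTES, TARGET)
    after = select_route(PC_ROUTES + [SPECIFIC_ROUTE], TARGET)
    print("before specific route:", before)
    print("after specific route: ", after)
```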