Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
New Contributor

Virtual wire pair cannot access to other port

Site B is accessing internet through MPLS, the MPLS is directly to the switch without any control, I'm now would like to use a Forti 100D or 200E to do policy control, but after virtual wire pair set, it cannot access to internet.

the virtual wire pair is set to open all service and all source but still cannot go to

I'm also try to use software switch, but after grouped port 3 and port 4, it cannot control by policy and just working like a switch.

Any wrong setting on the virtual wire pair?  please help...  Many thanks


Original Setting


before virtual wire pair.jpg



After below setting, it cannot access to wire pair.jpg




If the subnet is on a vlan interface, you should consider allowing wildcard vlan on vwire.


Best regards,



it is not a vlan, no matter the VLAN wildcard is enable or disable which cannot connect. it likely cannot route back to the other port in the same device.


Please post the configs of vwire, firewall policy and port3 and port4 config. Also, did sniffer shows packets arriving on port3 for destination


best regards,



Just a basic setting I applied, below port is down because I put it into other Fortigate device already, the virtual wire pair can working normally if it do not need to go back to other port in the same device.


The tracert result is cannot route to the other port in the same device, actually I tried many cases same as this case, the virtual wire pair cannot go to other port which in the same device.







New setting:

it is successful after split into two devices, I don't know it is bug or other problem.





Top Kudoed Authors