as per diagram,the three sites are configured with BGP and all is working properly.
All the networks are received trough BGP from both FGTs and from Cisco R1.
Now the problem is when i configure Vlan in FGT.
As per diagram,vlans configured trough cisco router as L3 device are working properly,buuut the Vlan I configured on SITE-C FGT (Vlan 50)the network is published trough BGP to all the sites,but the PC4 is only able to ping his GW but any site.
I don't understand if is a bug or something not configured properly.Wireshark only give "no response found" for ping request.
Either PC4 can't be pinged from any other site.
Basically,all network is working proiperly,only vlans configured in FGT are not working.
Thank you for the diagram. May i know, PC4 gateway is on Site-C-SW1 or Site-C Fortigate? Basically PC4 need to reach Fortigate VLAN50 IP address 1st. In your case, im afraid, there are VLAN misconfiguration on the Site-C-SW1.
Here is my idea to check connectivity: On Site-C-SW1, configure VLAN50 IP address. From this SW1, ping to VLAN50 of Fortigate. This is to verify connectivity between switch and Fortigate.
Then, From PC4, ping to Site-C-SW1, then Site-C Fortigate. You may have some finding if the issue related to Fortigate or Switch configuration.
Hi MG1, Thank you for your respond. On site-C fortigate, please verify if the routing table is correct. This fortigate can handle how to send out the traffic, however does not have control on how the traffic coming back.
Example: Site-C fortigate already sent traffic to SiteB-R1. Now traffic will be handle by this SiteB-R1. In real life, you can consider, parcel has been sent to Fedex(SiteB-R1). Now depend to Fedex how to handle the route.
Any trace with destination PC4 stops at his BGP gateway and same for PC4 to other sites. Weird thing is that only happens when i configure vlans on FGT,if i i connect PC4 straight to port 4,works with no issues.
I'm missing something but don't get what.All the BGP routes are correctly sent/received on all the neighbours.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.