Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
hervaltelecom
New Contributor III

Weird routing after firmware upgrade

Hello!

After upgrading from 5.0.14 to 5.2.13 on a 60C the following route is showing as default. And it hasn't been manually added.

Static 0.0.0.0/0 0.0.0.0 wan2

 

There is also the default gateway acquired with DHCP on the wan2 interface:

Static 0.0.0.0/0 192.168.0.1 wan2

And the directly connected static route:

Connected 192.168.0.0/24 0.0.0.0 wan2

 

Routing table annexed to better visualization.

 

The wan2 configuration is as follow:

FWFL613 (wan2) # get name : wan2 vdom : root cli-conn-status : 2 mode : dhcp distance : 5 priority : 0 dhcp-relay-service : disable ip : 192.168.0.3 255.255.255.0 allowaccess : ping fail-detect : disable arpforward : enable broadcast-forward : disable bfd : global l2forward : disable icmp-redirect : enable vlanforward : enable stpforward : disable ips-sniffer-mode : disable ident-accept : disable ipmac : disable subst : disable substitute-dst-mac : 00:00:00:00:00:00 status : up netbios-forward : disable wins-ip : 0.0.0.0 type : physical netflow-sampler : disable sflow-sampler : disable sample-rate : 2000 polling-interval : 20 sample-direction : both explicit-web-proxy : disable explicit-ftp-proxy : disable tcp-mss : 0 inbandwidth : 0 outbandwidth : 0 spillover-threshold : 0 weight : 0 external : disable devindex : 5 description : wan2 alias : NET 60Mbps l2tp-client : disable security-mode : none device-identification: enable device-user-identification: enable device-access-list : device-netscan : disable listen-forticlient-connection: disable vrrp-virtual-mac : disable vrrp: snmp-index : 2 ipv6: ip6-mode : static ip6-allowaccess : ip6-reachable-time : 0 ip6-retrans-time : 0 ip6-hop-limit : 0 ip6-address : ::/0 ip6-extra-addr: ip6-send-adv : disable autoconf : disable dhcp6-relay-service : disable dhcp-relay-ip : dhcp-relay-type : regular dhcp-client-identifier: defaultgw : enable DHCP Gateway : 192.168.0.1 dns-server-override : disable Lease Expires : Tue Oct 16 09:49:03 2018 Acquired DNS1 : 201.21.192.119 Acquired DNS2 : 201.21.192.123 macaddr : 00:09:0f:e6:04:b8 speed : auto mtu-override : disable wccp : disable drop-overlapped-fragment: disable drop-fragment : disable

FWFL613 (wan2) #

  With that route it simple can't reach the internet because the FGT does not know where to send the connection. If i lower the Distance to 4 is works and first static route disappears. Any help?

0 REPLIES 0
Top Kudoed Authors