Hello!
After upgrading from 5.0.14 to 5.2.13 on a 60C the following route is showing as default. And it hasn't been manually added.
Static 0.0.0.0/0 0.0.0.0 wan2
There is also the default gateway acquired with DHCP on the wan2 interface:
Static 0.0.0.0/0 192.168.0.1 wan2
And the directly connected static route:
Connected 192.168.0.0/24 0.0.0.0 wan2
Routing table annexed to better visualization.
The wan2 configuration is as follow:
FWFL613 (wan2) # get name : wan2 vdom : root cli-conn-status : 2 mode : dhcp distance : 5 priority : 0 dhcp-relay-service : disable ip : 192.168.0.3 255.255.255.0 allowaccess : ping fail-detect : disable arpforward : enable broadcast-forward : disable bfd : global l2forward : disable icmp-redirect : enable vlanforward : enable stpforward : disable ips-sniffer-mode : disable ident-accept : disable ipmac : disable subst : disable substitute-dst-mac : 00:00:00:00:00:00 status : up netbios-forward : disable wins-ip : 0.0.0.0 type : physical netflow-sampler : disable sflow-sampler : disable sample-rate : 2000 polling-interval : 20 sample-direction : both explicit-web-proxy : disable explicit-ftp-proxy : disable tcp-mss : 0 inbandwidth : 0 outbandwidth : 0 spillover-threshold : 0 weight : 0 external : disable devindex : 5 description : wan2 alias : NET 60Mbps l2tp-client : disable security-mode : none device-identification: enable device-user-identification: enable device-access-list : device-netscan : disable listen-forticlient-connection: disable vrrp-virtual-mac : disable vrrp: snmp-index : 2 ipv6: ip6-mode : static ip6-allowaccess : ip6-reachable-time : 0 ip6-retrans-time : 0 ip6-hop-limit : 0 ip6-address : ::/0 ip6-extra-addr: ip6-send-adv : disable autoconf : disable dhcp6-relay-service : disable dhcp-relay-ip : dhcp-relay-type : regular dhcp-client-identifier: defaultgw : enable DHCP Gateway : 192.168.0.1 dns-server-override : disable Lease Expires : Tue Oct 16 09:49:03 2018 Acquired DNS1 : 201.21.192.119 Acquired DNS2 : 201.21.192.123 macaddr : 00:09:0f:e6:04:b8 speed : auto mtu-override : disable wccp : disable drop-overlapped-fragment: disable drop-fragment : disable
FWFL613 (wan2) #
With that route it simple can't reach the internet because the FGT does not know where to send the connection. If i lower the Distance to 4 is works and first static route disappears. Any help?
Nominating a forum post submits a request to create a new Knowledge Article based on the forum post topic. Please ensure your nomination includes a solution within the reply.
Select Forum Responses to become Knowledge Articles!
Select the “Nominate to Knowledge Base” button to recommend a forum post to become a knowledge article.
User | Count |
---|---|
1517 | |
1013 | |
749 | |
443 | |
209 |
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Copyright 2024 Fortinet, Inc. All Rights Reserved.