Hello, I am a beginner with FortiGate and I would like to know what I should do to get this working. I have port 1 configured as a management port. It's DHCP and the address is 192.168.76.130. The client is configured as a DHCP client and its address is in that network, 192.168.76.0/24 (before .129, now actually .135). On the FortiGate I have configured a DHCP server on port 8. The current IP address is 192.168.21.1/24, and the DHCP client has 192.168.21.100/24. Please check the pictures. What should I configure if I want to ping from one site to the other end, from 192.168.76.135 to 192.168.21.100? I don't know whether I have to set a default route, or NAT that, or configure some kind of policy. Can you help? Take the management port as the internet and the DHCP client as a private network. I hope it's clear. Thank you.
Created on 08-11-2022 07:13 AM Edited on 08-11-2022 09:56 AM
Hi Zhuo, do you know why I can ping one way but not the other?
You don't need NAT here since your FortiGate is the gateway on both "endpoints" and the FGT does have an interface in both subnets. NAT might even be counterproductive here.
Try to disable it. The rest of your policies look good so far.
Basically all you need is a policy to allow traffic from port1 to port8. Then you can ping from port1 subnet to port8 subnet.
If you want to ping from the port8 subnet to the port1 subnet, you need the reverse policy to the above one too.
Only if the FortiGate is NOT your default gateway on the endpoints would you need a static route to the "opposite" subnet on each endpoint that has the FGT as gateway.
--
"It is a mistake to think you can solve any major problems just with potatoes." - Douglas Adams
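The two policies described in the reply above, written out as an added FortiOS CLI example that is not part of the original thread. The policy names and comments are assumptions, and the service is narrowed to PING here (an assumption, since the thread only asks about ping) so the pair permits nothing beyond the test traffic; NAT is disabled in both directions as the reply recommends.

```fortios
config firewall policy
    edit 0
        set name "port1-to-port8-ping"
        set comments "Added example: forward direction, names are assumed"
        set srcintf "port1"
        set dstintf "port8"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "PING"
        set nat disable
        set logtraffic all
    next
    edit 0
        set name "port8-to-port1-ping"
        set comments "Added example: reverse direction, names are assumed"
        set srcintf "port8"
        set dstintf "port1"
        set srcaddr "all"
        set dstaddr "all"
        set action accept
        set schedule "always"
        set service "PING"
        set nat disable
        set logtraffic all
    next
end
```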
Thank you. But I am worried that I don't know how to do that. What do you mean by reverse policy? I have policies 1 to 8 and 8 to 1, so 1 to 8 is reverse to 8 to 1 and vice versa. Am I wrong?
I have tried to do a static route but it doesn't work, because I don't know what should be a def gateway in this direction. I have one static route but it is created automatically. I didn't create that. I don't know how it came with that default gateway. Maybe it is caused by DHCP. If I have to create a static route, what will be the default gateway from 1 to 8?