Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
afarouk
New Contributor

Created on ‎05-03-2023 05:07 AM

cant access internet using Fortigate VM

I have deployed Fortigate-VM and I am able to access the GUI.

The firewall can access the internet but as a users I can reach the firewall but no internet connection.

I would like some help if there is any configuration needed on the ESXI or the switch where its connected.

 

1 port connected for LAN and another port connected for WAN.

 

1.jpg2.jpg3.jpg4.jpg5.jpg6.jpg7.jpg

Labels:
7000
0 Kudos
33 REPLIES 33
srajeswaran
Staff
Staff

Created on ‎05-03-2023 05:17 AM

Can you share "get router info routing-table details 8.8.8.8", and check the forward traffic logs under "logs and report" to see if there are any logs related to your source IP?

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
2354
0 Kudos
afarouk
New Contributor
In response to srajeswaran

Created on ‎05-03-2023 05:21 AM

for simplicity i removed sd-wan and only created 1 wan port and made changes to the routing and policy for that WAN only

 

8.jpg

2353
0 Kudos
afarouk
New Contributor
In response to srajeswaran

Created on ‎05-03-2023 05:24 AM

9.jpg

2352
0 Kudos
afarouk
New Contributor
In response to srajeswaran

Created on ‎05-03-2023 05:31 AM

also both the LAN & WAN interfaces on the switch (cisco) configured as trunk.

the LAN interface is used for ESXI and firewall LAN, the WAN interface is separated.

 

2348
0 Kudos
srajeswaran
Staff
Staff

Created on ‎05-03-2023 05:32 AM

From the user machine, are you able to ping the fortigate IP -10.10.100.254 ?

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
2346
0 Kudos
afarouk
New Contributor
In response to srajeswaran

Created on ‎05-03-2023 05:35 AM

yes i have access to the firewall i am on the same subnet10.jpg

2345
0 Kudos
srajeswaran
Staff
Staff
In response to afarouk

Created on ‎05-03-2023 05:57 AM

Can you collect below outfrom firewall after initiating a ping from the user machine towards 8.8.8.8

 

diagnose sniffer packet any "host 8.8.8.8" 4

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
2319
0 Kudos
afarouk
New Contributor
In response to srajeswaran

Created on ‎05-03-2023 06:00 AM

11.jpg

2317
0 Kudos
srajeswaran
Staff
Staff
In response to afarouk

Created on ‎05-03-2023 06:45 AM

Can you check the arp on user machine "arp -a" and confirm the MAC address for 10.10.100.254 is the correct mac showing under fortigate interface ?

 

get hardware nic port1 -> To find port1 mac address

 

And then run - diagnose sniffer packet port1 "host 8.8.8.8" 6 , to confirm the MAC address on the packet.

Regards,
Suraj
- Have you found a solution? Then give your helper a "Kudos" and mark the solution.
2292
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.