cant access internet using Fortigate VM

afarouk · ‎05-03-2023

I have deployed Fortigate-VM and I am able to access the GUI.

The firewall can access the internet but as a users I can reach the firewall but no internet connection.

I would like some help if there is any configuration needed on the ESXI or the switch where its connected.

1 port connected for LAN and another port connected for WAN.

vbandha · ‎05-04-2023

Actually I made a mistake in the last reply. Please run the sniffer in CLI:

diagnose sniffer packet any 'host 8.8.8.8 and icmp' 4 0 a

After that ping 8.8.8.8 from one of your end devices in the 10.10.100.x network

afarouk · ‎05-07-2023

Forti-VM # diagnose sniffer packet any 'host 8.8.8.8 and icmp' 4 0 a
Using Original Sniffing Mode
interfaces=[any]
filters=[host 8.8.8.8 and icmp]
2023-05-07 10:23:51.645237 port1 in 10.10.100.1 -> 8.8.8.8: icmp: echo request
2023-05-07 10:23:56.172981 port1 in 10.10.100.1 -> 8.8.8.8: icmp: echo request
2023-05-07 10:24:01.160743 port1 in 10.10.100.1 -> 8.8.8.8: icmp: echo request
2023-05-07 10:24:06.162509 port1 in 10.10.100.1 -> 8.8.8.8: icmp: echo request
2023-05-07 10:24:12.321200 port1 in 10.10.100.1 -> 8.8.8.8: icmp: echo request
2023-05-07 10:24:17.161523 port1 in 10.10.100.1 -> 8.8.8.8: icmp: echo request
2023-05-07 10:24:22.175674 port1 in 10.10.100.1 -> 8.8.8.8: icmp: echo request
2023-05-07 10:24:27.161236 port1 in 10.10.100.1 -> 8.8.8.8: icmp: echo request

srajeswaran · ‎05-07-2023

diagnose sniffer packet any 'host 8.8.8.8 and icmp' 4 ,can you collect this for ping initiated from the firewall?

What is the source IP we see in the traffic initiated from Firewall, can we make sure same source IP is used in NAT for the traffic from LAN to Internet.

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.