FortiGate
FortiGate Next Generation Firewall utilizes purpose-built security processors and threat intelligence security services from FortiGuard labs to deliver top-rated protection and high performance, including encrypted traffic.
irodriguez_FTNT
Article Id 190774

Description

 

This article describes the FortiGate's ping options that can be used for various troubleshooting purposes. Particularly useful options are repeat-count and source.


Solution


From the CLI, type the following command to see all options :

FGT#  execute ping-options ?

# execute ping-options adaptive-ping <enable|disable>

# execute ping-options data-size <bytes>

# execute ping-options df-bit {yes | no}

# execute ping-options pattern <2-byte_hex>

# execute ping-options repeat-count <repeats>

# execute ping-options source {auto | <source-intf_ip>}

# execute ping-options timeout <seconds>

# execute ping-options tos <service_type>

# execute ping-options ttl <hops>

# execute ping-options validate-reply {yes | no}

# execute ping-options view-settings

# execute ping-options use-sdwan <yes | no>

# execute ping-options reset

 

Keyword Description Default

 

- adaptive-ping <enable|disable> FortiGate sends next packet as soon as the last response is received.

- data-size <bytes> Specify the datagram size in bytes.

- df-bit {yes | no}Set df-bit to yes to prevent the ICMP packet from being fragmented. Set df-bit to no to allow the ICMP packet to be fragmented.

- pattern <2-byte_hex> Used to fill in the optional data buffer at the end of the ICMP packet. The size of the buffer is specified using the data_size parameter. This allows you to send out packets of different sizes for testing the effect of packet size on the connection.

- repeat-count <repeats> Specify how many times to repeat ping.

- Source {auto | <source-intf_ip>} :Specify the FortiGate interface from which to send the ping.

If auto is specified, the FortiGate selects the source address and interface based on the route to the <host-name_str> or <host_ip>.

Specifying the IP address of a FortiGate interface is used to test connections to different network segments from the specified interface.

- timeout <seconds> Specify, in seconds, how long to wait until ping times out.

- tos <service_type> Set the ToS (Type of Service) field in the packet header to provide an indication of the quality of service wanted.

- lowdelay = minimize delay.

- throughput = maximize throughput.

- reliability = maximize reliability.

- lowcost = minimize cost.

- ttl <hops> Specify the time to live. Time to live is the number of hops the ping packet should be allowed to make before being discarded or returned.

- validate-reply {yes | no} Select yes to validate reply data.

- view-settings : Display the current ping-option settings.

 - use-sdwan <yes | no> - if set to yes, then ping will be following SD-WAN rules and policy routes. Usually used with other options, for example source, to match specific SD-WAN rule that as based on specific source address.

- reset - reset ping options to default values.

Contributors