- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiWebCloud
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Allow internet access to specific IP address with ...
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Allow internet access to specific IP address with Fortiwifi 30e
Good day
I have a fortiwifi 30e configured on my network. we just installed a new alarm system at our office and connected it to the switch with LAN cable. The alarm cant connect to the internet at all, but i can see it on the network. if i log into the web interface i can see the alarm and IP address, but cant get the alarm unit to connect to the internet at all. the techies from the alarm company told me to open TCP & UDP port 1883 & 8883 but still i cant seem to get internet connection on the device.
Any help in this regard will be greatly appreciated.
Kind Regards
Ryno
3 REPLIES 3
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
hi,
and welcome to the forums.
First off, do other devices on the same LAN have internet access? specifically, devices using the same address space (like 192.168.x.y).
If yes, the problem is your alarm device. If no, a policy on the FGT is missing.
- settings on the device:
in order to get out of the LAN, the device needs to know where to send traffic which destination is outside. This is the gateway setting. It should be the address of your FGT's port which is connected to the LAN (i.e., 'port1' or 'internal').
If this is set, observe the byte count in the outbound policy (i.e. 'internal' to 'wan').
Usually, all services are allowed outbound, so fiddling around with special ports would not be necessary. Of course, YMMV.
- missing WAN policy
Make sure there is an outbound policy from i.e. 'internal' to 'wan', allowing all wanted services, and with NAT enabled (!). You can check it by issuing 'ping 9.9.9.9' on a PC in your LAN.
Ede
"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Hi,
Thank you very much for your response. Yes all the other devices in that address space have internet access. I also thought that it is the alarm device, so I tested it on a LTE router and then the device gets internet connection. as soon as I put the device back on the network, it cant see the internet. the error I get is "NO RESPONSE FROM TIME SERVER". Also I can "ping 9.9.9.9" on the LAN and it returns packets, no packets lost.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Which timeserver? Is there a junction between being able to adjust the internal clock and communicating with the alarm server on the net? More than before I'd look into the config of the device to get an idea of how this is connected.
And why would the device not be able to contact a timeserver if connected to the LAN? Which IP address is used, and can you/another host reach that address from 'internal'?
Have a look whether the device needs DNS to resolve that address, or if it is configured by IP.
One timeserver I often use is 192.53.103.104 (ptbtime1.ptb.de, PTB Germany), if you need one for testing.
Ede
"Kernel panic: Aiee, killing interrupt handler!"
Ede"Kernel panic: Aiee, killing interrupt handler!"
Related Posts
- Fortigate Not Receiving Public IP from... 127 Views
- FortiGate 61F Blocked Web access after... 268 Views
- Allowing Internet Traffic for backend servers... 673 Views
- Fortigates with PPPoE WAN suddenly need... 1561 Views
- Connect Fortigate to internet with 2... 387 Views
Labels
-
FortiGate
6,935 -
FortiClient
1,366 -
5.2
801 -
5.4
639 -
FortiManager
600 -
FortiAnalyzer
438 -
6.0
416 -
5.6
362 -
FortiAP
362 -
FortiSwitch
358 -
FortiClient EMS
281 -
FortiMail
269 -
6.2
251 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
168 -
6.4
128 -
FortiNAC
123 -
FortiGuard
111 -
IPsec
97 -
FortiGateCloud
92 -
FortiSIEM
91 -
SSL-VPN
87 -
FortiCloud Products
85 -
FortiToken
75 -
Customer Service
70 -
4.0MR3
64 -
Wireless Controller
63 -
FortiProxy
48 -
FortiADC
45 -
FortiEDR
42 -
SD-WAN
42 -
Fortivoice
41 -
FortiDNS
37 -
FortiExtender
35 -
FortiGate v5.4
35 -
FortiSandbox
33 -
FortiSwitch v6.4
32 -
Firewall policy
31 -
High Availability
28 -
FortiAuthenticator
27 -
VLAN
27 -
FortiConnect
24 -
FortiWAN
23 -
ZTNA
21 -
FortiConverter
21 -
FortiGate v5.2
19 -
DNS
19 -
FortiPortal
18 -
FortiSwitch v6.2
17 -
SAML
17 -
LDAP
17 -
Certificate
17 -
BGP
16 -
VDOM
16 -
FortiMonitor
14 -
FortiLink
14 -
Interface
14 -
Logging
14 -
Authentication
13 -
FortiGate v5.0
13 -
Routing
13 -
FortiDDoS
13 -
FortiCASB
12 -
NAT
11 -
RADIUS
10 -
SSL SSH inspection
10 -
Traffic shaping
10 -
Fortigate Cloud
10 -
Virtual IP
10 -
SSO
10 -
FortiRecorder
10 -
FortiWeb v5.0
9 -
FortiManager v5.0
9 -
4.0MR2
9 -
SSID
8 -
FortiBridge
8 -
WAN optimization
8 -
Application control
8 -
FortiGate v4.0 MR3
8 -
IP address management - IPAM
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
FortiAnalyzer v5.0
7 -
SNMP
7 -
Web profile
7 -
Admin
7 -
4.0
7 -
Security profile
6 -
Traffic shaping policy
6 -
Web application firewall profile
6 -
Proxy policy
5 -
Packet capture
5 -
FortiAP profile
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
IPS signature
4 -
Antivirus profile
4 -
Automation
4 -
DNS Filter
4 -
FortiTester
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
trunk
4 -
Port policy
4 -
FortiDeceptor
3 -
Fortinet Engage Partner Program
3 -
FortiToken Cloud
3 -
Traffic shaping profile
3 -
FortiPAM
3 -
DoS policy
3 -
Email filter profile
3 -
Web rating
3 -
Intrusion prevention
3 -
FortiDB
3 -
System settings
2 -
FortiInsight
2 -
NAC policy
2 -
Users
2 -
VoIP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Fabric connector
2 -
Netflow
2 -
Multicast routing
2 -
Protocol option
2 -
4.0MR1
1 -
TACACS
1 -
Replacement messages
1 -
Subscription Renewal Policy
1 -
Schedule
1 -
FortiCWP
1 -
FortiNDR
1 -
SDN connector
1 -
Application signature
1 -
Authentication rule and scheme
1 -
FortiManager-VM
1 -
Internet Service Database
1 -
Explicit proxy
1 -
Zone
1
Top Kudoed Authors
| User | Count |
|---|---|
| 989 | |
| 827 | |
| 458 | |
| 440 | |
| 132 |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.