Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
rezafathi
Contributor II

Created on ‎12-11-2023 10:43 AM

Fortigate 200F wan link not working

Hi,

 

We have 2 wan link, wan1 is mikrotik antenna and wan2 is from LTE modem. I configured port 2 for wan1 with private ip address (same subnet of antenna) and secondary ip address as valid ip. I did the same for wan2 with private and public ip address.i put them both in sdwan but there is no internet on either firewall or other devices. But when i connect one of wan ports to a mikrotik router and nat the private ip address between ftg and mikrotik , the internet will work on fgt. Please help me to find the solution.

Reza F.
Reza F.
Labels:
1904
0 Kudos
6 REPLIES 6
dbhavsar
Staff
Staff

Created on ‎12-11-2023 12:26 PM

Hi @rezafathi 
Just make sure you have correct route and correct gateway IP if that does not help I believe you might need to open a ticket with TAC to better understand your config you have done.

DNB
1892
hbac
Staff
Staff

Created on ‎12-12-2023 01:23 PM

Hi @rezafathi,

 

Did you configure default routes? If yes, were you able to ping the default gateway? 

 

Regards, 

1862
rezafathi
Contributor II
In response to hbac

Created on ‎12-12-2023 08:54 PM

yes I have default route and I can ping the default gateway.

Reza F.
Reza F.
1853
0 Kudos
hbac
Staff
Staff
In response to rezafathi

Created on ‎12-13-2023 07:14 AM

@rezafathi,

 

Please run the following commands and provide the output:

 

get router info routing-table all

get router info routing-table database

execute ping 8.8.8.8

 

Regards, 

1840
0 Kudos
rezafathi
Contributor II
In response to hbac

Created on ‎12-14-2023 07:20 AM

I managed to get the internet from LTE modem to work by enabling dhcp on fgt port. But my another internet link has a private ip which connects to a mikrotik antenna. The gateway is antenna private ip and i set the valid ip as secondary ip but no internet available. Also the sdwan is active.

Reza F.
Reza F.
1829
0 Kudos
aguerriero
Contributor II

Created on ‎12-14-2023 09:19 AM Edited on ‎12-14-2023 09:27 AM

Capturefdadfadfa.PNG

 

Are you running latest 7.2.X 

get router info routing-table all

you should see both wan1 and wan2 as available next hops.

when upgrading from 7.2.5 to 7.2.6.. My wan 2 interface had an admin distance of 5 where the wan 1 interface had an admin distance of 10. So the wan2 interface only ever showed up in the routing table and none of my SD-WAN rules that used WAN1 would work.

If you show the routing table and only wan1 or wan2 shows up, you should set the admin distance equal on the default route for both interfaces and also set the admin distance on the wan1 and wan2 interfaces to be equal on both. 

I think it has something to do with DHCP assigned gateways. A DHCP assigned gateway gets a default distance of 5 where the static assigned gateway will use the admin distance of the static route. 



1821
0 Kudos
Announcements
Check out our Community Chatter Blog! Click here to get involved
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2025 Fortinet, Inc. All Rights Reserved.