Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MAIKO
New Contributor

Created on ‎04-11-2023 04:43 AM

How can 2 LANs communicate/exchange traffic inside FortiGate ?

Hi I'm struggling trying to communicate from 2 different LANs inside fortigate , what can I do ? 

 

 I want to ping PC3 from PC1 and vice-versa or the internet (8.8.8.8) from any PC but I can't

 

I can ping all the PCs and the Internet from FortiGate CLI tho, I think I read I should do routing policy but Idk how to do that exactly 

 

 

 

 

 

Labels:
466
0 Kudos
3 REPLIES 3
abarushka
Staff
Staff

Created on ‎04-12-2023 01:02 AM

Hello,

You may consider to collect traffic sniffer "diagnose sniffer packet any 'host 10.20.10.11 and host 10.20.20.13' 4 0 a" and debug flow while pinging:

 

diagnose debug flow filter saddr 10.20.10.11
diagnose debug flow filter daddr 10.20.20.13
diagnose debug flow show function-name enable
diagnose debug flow trace start 10
diagnose debug enable

FortiGate
442
0 Kudos
MAIKO
New Contributor

Created on ‎04-12-2023 01:42 AM

So I apparently I did it , just added 6 firewall policies 

 

is there a guide that shows all different CLI commands please ? and isn't there a better way to do what I just did ?

440
0 Kudos
abarushka
Staff
Staff
In response to MAIKO

Created on ‎04-12-2023 05:49 AM

Hello,

 

Traffic should be explicitly allowed, otherwise it will be dropped. In the debug flow firewall policy lookup process is shown.

FortiGate
430
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.