Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
MustphaBassim
New Contributor III

Created on ‎03-03-2024 02:23 AM

ping with source IP interface on Fortigate device

Hello Dears

 

I want to make source ping from fortigate firewall device towards internet since by default it is blocked take in mind i am not using VODM anyone can help

 

Bests

Labels:
1272
0 Kudos
4 REPLIES 4
srajeswaran
Staff
Staff

Created on ‎03-03-2024 05:22 AM

By default it should be allowed, do you have a route ? Can you share the route, interface IP and error you are getting?

 

Regards,

Suraj

- Have you found a solution? Then give your helper a "Kudos" and mark the solution.

1242
0 Kudos
MustphaBassim
New Contributor III
In response to srajeswaran

Created on ‎03-03-2024 05:32 AM

Hello Dear

thnx for reply

yes default route , NAT configred but no lack to reach internet as show on attached
the IP address is set to port6 as secondary ip address Untitled.png

1235
mpeddalla
Staff
Staff
In response to MustphaBassim

Created on ‎03-03-2024 08:05 AM

Hello @MustphaBassim  ,

 

Thank you for contacting the Fortinet Forum portal.

-You are using correct method on other window can you run below sniffer to see if you are getting reply back ?

 

diagnose sniffer packet any "host 10.150.39.241 and host 8.8.8.8" 4 0 l

ctrl+c to stop sniffer 

 

-If it is ISP secondary check if the arp entry for secondary wan gateway IP is there on FortiGate by command 

 

get system arp 

 

articles  for ping-options:

https://community.fortinet.com/t5/FortiGate/Technical-Tip-How-to-ping-public-IP-from-backup-WAN-inte...

https://community.fortinet.com/t5/FortiGate/Troubleshooting-Tip-Using-PING-options-from-the-FortiGat...

 

Best regards,

Manasa.

 

If you feel the above steps helped to resolve the issue mark the reply as solved so that other customers can get it easily while searching on similar scenarios.

1218
0 Kudos
Rajan_kohli
Staff
Staff

Created on ‎03-03-2024 08:00 AM

Hi @MustphaBassim,

 

You can use a sniffer on another cli as shown below to verify the interface being used by FortiGate.

 

Dia sniffer packet any ' host 8.8.8.8 and icmp ' 4 0 l

 

Regards

Rajan

 

Rajan Kohli
1220
0 Kudos
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.