Help
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
chanklish
New Contributor II

Created on ‎05-16-2023 08:31 AM

trying to access the fortigate internally

hello

I am trying to connect to the fortigate internally but everytime i connect it to my network , my connection is out 

i want to be able to access it from 192.168.20.0/24
i tried putting ip from this subnet on the mgmt or lan2 and connect it to the core switch i have , but the internet is gone from computers connected to this subnet ( but i am able to receive an ip from my dhcp router so connection between fortigate->switch-> router is working 

removing the cable from the switch , internet work .. i believe maybe i have a loop 

 

Static routes from the fortigate (10.77.77.2 is my main router - same as dhcp ) - it has a route 0.0 .0. 0 / 0 to 10.77.77.1 ( lan switch in fortigate )

routes.jpg

Labels:
1615
0 Kudos
13 REPLIES 13
AEK
Honored Contributor II

Created on ‎05-16-2023 12:35 PM

Hello

Can you share a diagram?

AEK
AEK
1206
chanklish
New Contributor II
In response to AEK

Created on ‎05-17-2023 11:08 AM

192.168.20.0/24 on my router. And  router routes to 10.77.77.1 (FortiGate). And  FortiGate routes to 192.168.85.1 (WAN).

1169
0 Kudos
gfleming
Staff
Staff

Created on ‎05-16-2023 02:11 PM

You should not be putting 192.168.20.0/24 onto the FortiGate, anywhere. It sounds like this exists on your router so keep it there. Also never use mgmt interface for anything except mgmt traffic.

 

So you have 192.168.20.0/24 on your router. And your router routes to 10.77.77.1 (your FortiGate). And your FortiGate routes to 192.168.85.1 (WAN).

 

Do you have firewall policies to allow traffic from lan to wan1?

Cheers,
Graham
1194
chanklish
New Contributor II
In response to gfleming

Created on ‎05-17-2023 11:07 AM

yes this is mostly my network

i have a rule for internet for 192.168.20.0/24 (i have internet on my 20.x computer)

i want to be able to manage the fortigate from my pc 20.x

1170
0 Kudos
gfleming
Staff
Staff
In response to chanklish

Created on ‎05-17-2023 01:31 PM

Are you allowing HTTPS and SSH on the lan interface?

Cheers,
Graham
1155
chanklish
New Contributor II
In response to gfleming

Created on ‎05-17-2023 02:04 PM

i am not sure , but the problem is that internet goes offline on the computer when i connect the fortigate lan to the router 

1153
0 Kudos
gfleming
Staff
Staff
In response to chanklish

Created on ‎05-17-2023 02:15 PM

OK what is your router's default route pointing to before you connect the fortigate to it? You probably need to reconfigure your router...

Cheers,
Graham
1150
chanklish
New Contributor II
In response to gfleming

Created on ‎05-17-2023 02:36 PM

all routes goes to the fortigate on lan 1

maybe i can nat the 10.77.77.1 (my FortiGate) to access it from the pc

1146
0 Kudos
gfleming
Staff
Staff
In response to chanklish

Created on ‎05-17-2023 02:42 PM

I'm asking you what is the router configured for before you connect it to the FortiGate LAN?

 

Presumably you have internet access through this router that is working until you connect the FortiGate LAN interface?


We need to understand how the router is configured.

 

And no you don't need NAT.... you need to focus on your network and routing configuraiton..

Cheers,
Graham
1144
Labels
Top Kudoed Authors
View all
Broad. Integrated. Automated.

The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.

Social Media
Security Research
Company
News & Articles
Contact Us

Copyright 2024 Fortinet, Inc. All Rights Reserved.