If it is there, it means FortiGate is sending packets and most likely the issue with the next hop or ISP.ĥ. If pinging by IP fails then, run sniffer:ĭiag sniff pack any "host 8.8.8.8 and icmp" 6 0 lĬheck if the destination MAC address is that of the ISP or next hop. If the ping succeeds, IP connectivity is working. If the default route is configured and reflected in the output of the routing table, ping the gateway and public IP. If the route is not present, it may be necessary to alter the distances on the routes involved. The name of the management VDOM is 'root' by default): For example:Īdditionally, check the routing table to ensure that the route is present (if VDOM is enabled, enter the management VDOM config mode. Routing: If using a static IP, make sure there is an appropriate static route added. Note: If using a FortiGate HA cluster, the virtual MAC cannot be specified. This is because the connectivity on a network interface may become unavailable when the interface configuration is changed. Making any configuration change on an 'outside' or 'WAN' network interface requires a direct connection to the FortiGate unit or to a network local to the FortiGate unit. If odd values appear, such as 10 Mbps half duplex, try manually setting the link speed on the FortiGate unit to the highest values supported by the provider's equipment: The link is also up, so the cabling is fine. In the above output, the negotiation appears to be functioning as normal - the interface negotiated 1000 Mbps full duplex. FGT (global) # diag hardware deviceinfo nic wan1
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |