Ping in Fortigate

AXISHK
AXISHK used Ask the Experts™
on
My Fortiage can form a remote site with IPSec VPN succesfully.

However, under CLI console, it can only ping local IP but not the remote IP. Do I mean to expliclity specify the interface when I ping a remote IP through IPsec VPN ?

Currently, I run "execute ping x.x.x.x". Any idea ?

Thx
Comment
Watch Question

Do more with

Expert Office
EXPERT OFFICE® is a registered trademark of EXPERTS EXCHANGE®
RaghavIT Specialist

Commented:
Do you have ping enabled on Administrative Access on the Fortigate' s wan interface?

--Raghav.
"Batchelor", Developer and EE Topic Advisor
Top Expert 2015
Commented:
That is irrelevant, Raghav. The remote IP is thought to be the private IP target of the tunnel ("ping a remote IP through IPsec VPN").

Usually providing the interface is optional, as long as routing/policy info is sufficient to know where to go. There is the issue of the source IP used, though - it might not be clear which one to use for FortiGate, so providing the corresponding interface or source IP could help.

Are you able to ping the remote IP from a local machine? If no, the issue is elsewhere, e.g. remote (personal) firewall inhibiting traffic from outside their LAN.

Do more with

Expert Office
Submit tech questions to Ask the Experts™ at any time to receive solutions, advice, and new ideas from leading industry professionals.

Start 7-Day Free Trial