Monday, July 19, 2021

New WAN - FortiGate - Help!!!!

Hi guys, I manage a multi-tenanted building where we provide each company their own public IP with our FortiGate as the gateway. We have a /27 subnet which we've divided into /30 subnets. The first /30 subnet we configure as the WAN interface. It has the ISP router as one of the available hosts and our firewall as the other IP. The next /30 subnet we have configured as LAN, added as a VLAN interface; we give the FortiGate one of the IPs on that VLAN and tell the tenant to use the other IP. There is a static route that directs all traffic out of the ISP router. Now this all works fine, but now I'm trying to add a new WAN to first work in tandem with the current line but then will replace it. I configure just the WAN interface on the port the ISP router is attached to and allow ping. To test if the interface is reachable via the net I ping the WAN IP, but for some reason it doesn't ping. First question: does anyone know what access rule I have to create for ping to work? The main WAN doesn't appear to need one. (The connection definitely works, as I connected a laptop directly to the ISP router and was able to get out to the internet.)

For the sake of time I assumed the connection is online and configured a /30 subnet on the LAN interface just like I did before on the primary WAN, but this time with a public subnet provided from the new WAN. I create the necessary IPv4 policies, and I create a policy route to override the default to say all traffic going from the newly created VLAN should route out of the new WAN. I test it and it doesn't work. I'm sorry if none of this makes sense, I kinda got bored halfway through writing it 😃😃😃😃. But please, any help would be appreciated.


