Re: Issues with setting up Fortigate VM
Hi Sebastan, you don't need a dedicated management port; enabling management on an interface would be enough.
Sounds a little weird that your internal PC can't ping through the firewall, since a) firewall can ping the internet, b) PC can ping firewall LAN interface, c) allow all policy has NAT enabled.
My suspicion is that there is a problem with the policy (are you referencing the correct interfaces?).
Ultimately the best way to test this out is to do a diag debug from the FortiGate CLI to confirm exactly where these packets are going.
Firstly, make sure you are not pinging 126.96.36.199. Connect to the FortiGate CLI, then type the following commands:
diag debug flow filter daddr 188.8.131.52
diag debug flow show console enable
diag debug enable
diag debug flow trace start 3
Once this is done, start pinging 184.108.40.206 from your internal PC. Observe the FortiGate CLI output; it should confirm two key things: 1) what route/interface the packets match & 2) what policy it hit.
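
An added example, not part of the original post and not Fortinet tooling: this Python script reads saved diag debug flow output and reports, for each traced packet, the route/interface it matched and the policy it hit. The sample trace lines, interface names and addresses are constructed, and the message wording the patterns assume can differ between FortiOS versions.

```python
import re
from collections import defaultdict

# Constructed sample of `diag debug flow` output (not from the original post).
# Assumption: message wording as shown; it varies between FortiOS versions.
SAMPLE = '''\
id=20085 trace_id=1 func=print_pkt_detail line=5501 msg="vd-root:0 received a packet(proto=1, 192.0.2.10:1->203.0.113.8:2048) from port2. type=8, code=0, id=1, seq=1."
id=20085 trace_id=1 func=init_ip_session_common line=5666 msg="allocate a new session-00001a2b"
id=20085 trace_id=1 func=vf_ip_route_input_common line=2596 msg="find a route: flag=04000000 gw-198.51.100.1 via port1"
id=20085 trace_id=1 func=fw_forward_handler line=771 msg="Allowed by Policy-1: SNAT"
id=20085 trace_id=2 func=print_pkt_detail line=5501 msg="vd-root:0 received a packet(proto=1, 192.0.2.10:1->203.0.113.8:2048) from port3. type=8, code=0, id=1, seq=2."
id=20085 trace_id=2 func=vf_ip_route_input_common line=2596 msg="find a route: flag=04000000 gw-198.51.100.1 via port1"
id=20085 trace_id=2 func=fw_forward_handler line=614 msg="Denied by forward policy check (policy 0)"
'''

LINE = re.compile(r'trace_id=(\d+) func=(\S+) line=\d+ msg="(.*)"\s*$')
RECEIVED = re.compile(r'received a packet\(proto=(\d+), (\S+?)->(\S+?)\) from (\S+)\.\s')
ROUTE = re.compile(r'find a route: .*gw-(\S+) via (\S+)')
ALLOWED = re.compile(r'Allowed by Policy-(\d+)(?::\s*(\S+))?')
DENIED = re.compile(r'Denied by .*\(policy (\d+)\)')

def summarize(text):
    """Return {trace_id: fields} with ingress, route and policy verdict per packet."""
    traces = defaultdict(lambda: {"ingress": None, "egress": None, "gateway": None,
                                  "policy": None, "verdict": "unknown", "nat": None})
    for raw in text.splitlines():
        m = LINE.search(raw)
        if not m:
            continue  # skip prompts, banners and anything that is not a trace line
        t, msg = traces[int(m.group(1))], m.group(3)
        if (r := RECEIVED.search(msg)):
            t["src"], t["dst"], t["ingress"] = r.group(2), r.group(3), r.group(4)
        elif (r := ROUTE.search(msg)):
            t["gateway"], t["egress"] = r.group(1), r.group(2)
        elif (r := ALLOWED.search(msg)):
            t["policy"], t["verdict"], t["nat"] = int(r.group(1)), "allowed", r.group(2)
        elif (r := DENIED.search(msg)):
            t["policy"], t["verdict"] = int(r.group(1)), "denied"
    return dict(traces)

if __name__ == "__main__":
    for tid, t in sorted(summarize(SAMPLE).items()):
        print(f"trace {tid}: in={t['ingress']} out={t['egress']} "
              f"gw={t['gateway']} policy={t['policy']} {t['verdict']} nat={t['nat']}")
```

A "denied" verdict with policy 0 is the implicit deny, meaning no configured policy matched that ingress/egress interface pair, which is the case to look for when a policy references the wrong interfaces.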