Hot!SSLVPN remote client can't ping the internal interface of the FGT.

Author
thikfly
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2021/01/10 04:20:48
  • Status: offline
2021/01/10 04:33:49 (permalink) 5.6
0

SSLVPN remote client can't ping the internal interface of the FGT.

I have set up the sslvpn, remote client can connect the sslvpn and can ping the turst lan, but only can't ping the internal interface of the FGT.
 
remote client   <-->   (wan1)FGT(internal(172.30.26.1))  <---> other server(172.30.26.251)
 
How to do ?
 
diagnose sniffer packet ssl.root icmp
interfaces=[ssl.root]
filters=[icmp]
pcap_lookupnet: ssl.root: no IPv4 address assigned
23.606374 10.212.134.200 -> 172.30.26.1: icmp: echo request
28.539743 10.212.134.200 -> 172.30.26.1: icmp: echo request
33.538525 10.212.134.200 -> 172.30.26.1: icmp: echo request
38.541238 10.212.134.200 -> 172.30.26.1: icmp: echo request
46.002575 10.212.134.200 -> 172.30.26.251: icmp: echo request
46.003417 172.30.26.251 -> 10.212.134.200: icmp: echo reply
46.998720 10.212.134.200 -> 172.30.26.251: icmp: echo request
46.999369 172.30.26.251 -> 10.212.134.200: icmp: echo reply
47.999794 10.212.134.200 -> 172.30.26.251: icmp: echo request
48.001342 172.30.26.251 -> 10.212.134.200: icmp: echo reply
49.001606 10.212.134.200 -> 172.30.26.251: icmp: echo request
49.002319 172.30.26.251 -> 10.212.134.200: icmp: echo reply


#1
MikePruett
Platinum Member
  • Total Posts : 705
  • Scores: 17
  • Reward points: 0
  • Joined: 2014/01/08 19:39:40
  • Location: Montgomery, Al
  • Status: offline
Re: SSLVPN remote client can't ping the internal interface of the FGT. 2021/01/10 09:29:12 (permalink)
0
1. Is PING enabled on said interface?
2. Is policy built to allow it?
3. Split tunnel or full tunnel?
#2
Jump to:
© 2021 APG vNext Commercial Version 5.5