Hot!SSLVPN remote client can't ping the internal interface of the FGT.

Author
Post
Essentials Only Full Version
thikfly
New Member
  • Total Posts : 1
  • Scores: 0
  • Reward points: 0
  • Joined: 2021/01/10 04:20:48
  • Status: offline
2021/01/10 04:33:49 (permalink) 5.6
0

SSLVPN remote client can't ping the internal interface of the FGT.

I have set up the sslvpn, remote client can connect the sslvpn and can ping the turst lan, but only can't ping the internal interface of the FGT.
 
remote client   <-->   (wan1)FGT(internal(172.30.26.1))  <---> other server(172.30.26.251)
 
How to do ?
 
diagnose sniffer packet ssl.root icmp
interfaces=[ssl.root]
filters=[icmp]
pcap_lookupnet: ssl.root: no IPv4 address assigned
23.606374 10.212.134.200 -> 172.30.26.1: icmp: echo request
28.539743 10.212.134.200 -> 172.30.26.1: icmp: echo request
33.538525 10.212.134.200 -> 172.30.26.1: icmp: echo request
38.541238 10.212.134.200 -> 172.30.26.1: icmp: echo request
46.002575 10.212.134.200 -> 172.30.26.251: icmp: echo request
46.003417 172.30.26.251 -> 10.212.134.200: icmp: echo reply
46.998720 10.212.134.200 -> 172.30.26.251: icmp: echo request
46.999369 172.30.26.251 -> 10.212.134.200: icmp: echo reply
47.999794 10.212.134.200 -> 172.30.26.251: icmp: echo request
48.001342 172.30.26.251 -> 10.212.134.200: icmp: echo reply
49.001606 10.212.134.200 -> 172.30.26.251: icmp: echo request
49.002319 172.30.26.251 -> 10.212.134.200: icmp: echo reply


#1
SSL VPN

1 Reply Related Threads
    MikePruett
    Platinum Member
    • Total Posts : 705
    • Scores: 17
    • Reward points: 0
    • Joined: 2014/01/08 19:39:40
    • Location: Montgomery, Al
    • Status: offline
    Re: SSLVPN remote client can't ping the internal interface of the FGT. 2021/01/10 09:29:12 (permalink)
    0
    1. Is PING enabled on said interface?
    2. Is policy built to allow it?
    3. Split tunnel or full tunnel?

    Mike Pruett
    Fortinet GURU | Fortinet Training Videos
    #2
    Jump to:
    © 2021 APG vNext Commercial Version 5.5