- Forums
- Knowledge Base
- Customer Service
- FortiGate
- FortiClient
- FortiAP
- FortiAnalyzer
- FortiADC
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCarrier
- FortiCASB
- FortiConnect
- FortiConverter
- FortiCNP
- FortiDAST
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDeceptor
- FortiDevSec
- FortiDirector
- FortiEDR
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPortal
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSandbox
- FortiSASE
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiWebCloud
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Blogs
Support Forum
The Forums are a place to find answers on a range of Fortinet products from peers and product experts.
- Fortinet Community
- Forums
- Support Forum
- Re: NO internet connection when using static ip ?
Options
- Subscribe to RSS Feed
- Mark Topic as New
- Mark Topic as Read
- Float this Topic for Current User
- Bookmark
- Subscribe
- Mute
- Printer Friendly Page
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
NO internet connection when using static ip ?
hello every one
i am wondering why internet connection not working in fortigate 70f when i config the wan port ip manually ??
i try to exec ping google.com but not resolved
but when i change to dhcp to take an ip from the tplink router ,everything works just fine and i am able to ping anything from CLI .
with static ip config
i try to add static route :
0.0.0.0 172.16.16.1 (tplink gateway)
i also added dns
8.8.8.8 (unreachable )
8.8.4.4 (unreachable )
i can ping the gateway only 17.16.16.1
------------------------
i need the internet only to setup VPN site to site NOT to provide internet access to the local workstations .
as i mentioned it works only if i use DHCP not static IP . as u know DHCP not a good choice for my case ,if anything happened like power loss or restarting, it will obtain a new WAN IP address and the other site will not be able to access the database .
Labels:
- Labels:
-
FortiGate
- « Previous
- Next »
34 REPLIES 34
Created on 04-28-2024 06:01 PM Edited on 04-28-2024 06:01 PM
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
yah i can find it in fortigate site B in the system information window it is like : 224.125.18.451
ok u mean i have to put this ip as new static route in fortigate site A to be like
0.0.0.0/0 224.125.18.451
?
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
No. 224.x.x.x is a multicast IP, not a general public IP Site-B got.
I meant a user with a desktop/laptop at Site-B can go to Google, then search "what is my ip" to get an IP like below:
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
i managed to get site B fortigate ddns work and i can access it form outside the network by following your instructions regarding the public ip and the adsl modem .
in site B tplink modem i changed it to bridge then i reconfigured site B fortigatw wan to PPPOE and created domain dns and worked very well .
now i site A (HQ) i changed the internet connection from dsl to Fiber connection, but problem still there it only accepts DHCP . i kept it as DHCP no problem if there is an internet connection .
and created domain DDNS and seems fine : when i ping the DDNS domain name from cli it pings ok .when i try to ping the site B domain DDNS : it shows me the remote site IP but all packet loss . something is blocking DDNS .
all servers and sites can be ping but ddns cannot for site A.
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
Have you found out the public IP viewed from the outside at Site-B? Was it the same with the IP the TP-Link pulled from the ISP? If they're different no VPN might establish if Site-A's TPLink's IP is not static, like below:
https://community.fortinet.com/t5/Support-Forum/IPSec-Site-to-Site-VPN-between-two-carrier-grade-nat...
In any case, after many of us trying to figure this out, none of us could get enough information to determine mainly because we don't have access to your FGT and can't see what TP-Link has including traceroute result from both ends, and wasting your time as the result.
I think it's better you open a ticket at TAC then get a TAC person looked at both sides to determine what can/need to be done in your situation.
Toshi
Options
- Mark as New
- Bookmark
- Subscribe
- Mute
- Subscribe to RSS Feed
- Permalink
- Report Inappropriate Content
NOW -this config without PPPoe . obtained from TPLink router DHCP with fortiguard DDNS disabled or Enabled .same result ..
yah it is the same :
what is my ip : XXX.XX.94.103
in fortigate info : XXX.XX.94.103
when i put the above ip in in the browser it opens tplink login page .
ANYWAY THNAKS will go ahead with TAC
- « Previous
- Next »
Related Posts
- Fortinet external AD Connector and retrieving... 55 Views
- Connection from VLAN to VIP does... 223 Views
- Virtual IP for npm breaks my... 426 Views
- Forticlient VPN Permission denied (-455) 476 Views
- Novice Needing Help Setting Up FortiGate... 285 Views
Labels
-
FortiGate
6,728 -
FortiClient
1,341 -
5.2
801 -
5.4
639 -
FortiManager
580 -
FortiAnalyzer
425 -
6.0
416 -
5.6
362 -
FortiSwitch
345 -
FortiAP
343 -
FortiClient EMS
274 -
FortiMail
262 -
6.2
251 -
FortiAuthenticator v5.5
234 -
5.0
196 -
FortiWeb
160 -
6.4
128 -
FortiNAC
110 -
FortiGuard
106 -
FortiSIEM
92 -
FortiGateCloud
87 -
FortiCloud Products
85 -
IPsec
82 -
FortiToken
73 -
Customer Service
70 -
SSL-VPN
68 -
4.0MR3
64 -
Wireless Controller
62 -
FortiProxy
46 -
FortiADC
44 -
FortiEDR
41 -
Fortivoice
41 -
FortiGate v5.4
34 -
FortiDNS
34 -
FortiExtender
33 -
FortiSandbox
32 -
SD-WAN
31 -
FortiSwitch v6.4
30 -
Firewall policy
30 -
High Availability
24 -
FortiConnect
24 -
FortiAuthenticator
22 -
VLAN
22 -
FortiWAN
22 -
FortiConverter
21 -
ZTNA
20 -
FortiPortal
18 -
FortiSwitch v6.2
16 -
FortiGate v5.2
16 -
Certificate
16 -
FortiMonitor
14 -
SAML
14 -
Interface
14 -
Logging
14 -
BGP
13 -
DNS
13 -
FortiGate v5.0
13 -
FortiDDoS
13 -
LDAP
12 -
Routing
12 -
FortiCASB
12 -
VDOM
12 -
fortilink
11 -
RADIUS
10 -
Virtual IP
10 -
FortiRecorder
10 -
FortiWeb v5.0
9 -
Authentication
9 -
FortiManager v5.0
9 -
NAT
9 -
4.0MR2
9 -
SSID
8 -
SSL SSH inspection
8 -
Traffic shaping
8 -
SSO
8 -
Application control
8 -
RMA Information and Announcements
7 -
FortiSOAR
7 -
FortiAnalyzer v5.0
7 -
FortiGate v4.0 MR3
7 -
Admin
7 -
4.0
7 -
IP address management - IPAM
7 -
Security profile
6 -
FortiBridge
6 -
Fortigate Cloud
6 -
SNMP
6 -
Proxy policy
5 -
Traffic shaping policy
5 -
FortiAP profile
5 -
Web application firewall profile
5 -
Web profile
5 -
FortiTester
5 -
FortiManager v4.0
5 -
Static route
5 -
FortiDirector
4 -
IPS signature
4 -
Packet capture
4 -
Antivirus profile
4 -
Automation
4 -
WAN optimization
4 -
DNS Filter
4 -
FortiCarrier
4 -
FortiCache
4 -
OSPF
4 -
3.6
4 -
FortiScan
4 -
Port policy
4 -
FortiToken Cloud
3 -
DoS policy
3 -
Email filter profile
3 -
Intrusion prevention
3 -
FortiDB
3 -
trunk
3 -
FortiDeceptor
2 -
System settings
2 -
FortiInsight
2 -
NAC policy
2 -
Fortinet Engage Partner Program
2 -
Users
2 -
Traffic shaping profile
2 -
FortiPAM
2 -
VoIP profile
2 -
FortiAI
2 -
FortiHypervisor
2 -
Netflow
2 -
Protocol option
2 -
4.0MR1
1 -
TACACS
1 -
Replacement messages
1 -
Subscription Renewal Policy
1 -
Schedule
1 -
FortiCWP
1 -
FortiNDR
1 -
SDN connector
1 -
Application signature
1 -
Authentication rule and scheme
1 -
FortiManager-VM
1 -
Web rating
1 -
Internet Service Database
1 -
Fabric connector
1 -
Multicast routing
1 -
Explicit proxy
1 -
Zone
1
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2024 Fortinet, Inc. All Rights Reserved.