Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
762
Views
0
Helpful
0
Replies

Firewall Virtual IP not pinging - After ACL

faizanelahi
Level 1
Level 1

‎09-02-2019 04:34 AM

Hi,

We have a fortigate firewall where we have done one to one nat of local IP with public IP. We have a requirement of pinging a virtual IP (public IP) from the internal network. After configuring one policy it worked fine.

Later we have configured an access list to allow only one network to ping this VLAN and applied the acl on inbound direction of vlan. It worked fine but public IP (virtual IP of fortigate) stopped pinging.

My requirement is to ping both virtual IP and private IP from 10.10.200.0 network. If i remove the access list, virtual IP is pinging fine.

Below is my access list,

ip access-list extended DMZ

10 permit ip 10.10.200.0 0.0.0.255 any

20 permit ip 10.10.0.0 0.0.255.255 10.10.200.0 0.0.0.255

30 deny ip 10.10.0.0 0.0.255.255 10.10.0.0 0.0.255.255

40 permit ip any any

Could anyone suggest what is wrong here.

Thanks,

Labels:
0 Helpful
0 Replies 0
Customers Also Viewed These Support Documents