Page 1 of 1
					
				update the FortiGate-VM evaluation license.
				Posted: Sat Mar 04, 2023 10:30 pm
				by victorino
				I downloaded KVM FortiOs 7.2.4. I need the Firewall to fortigate reach the ipaddress 8.8.8.8. To update the FortiGate-VM evaluation license.
Can someone help me?
			 
			
					
				Re: update the FortiGate-VM evaluation license.
				Posted: Wed Mar 08, 2023 8:58 am
				by Uldis (UD)
				It depends where did you connect your device, the cloud must have internet !! as well node must be configured properly
			 
			
					
				Re: update the FortiGate-VM evaluation license.
				Posted: Sun Mar 12, 2023 3:14 am
				by victorino
				VM-EVE-NG is configured with fixed IP 10.11.217.110/24. The fortigate image has port 1 configured with the IP 10.11.217.109/24, a static route 10.11.217.0/24 and the gateway 10.11.217.1 configured.
A VM-EVE-NG ping 8.8.8.8, 10.11.217.109(fortigate image). The image ping 10.11.217.110 (VM-EVE-NG) . I couldn't make the image fortigate ping 8.8.8.8.
sh sys inter
config system interface
    edit "port1"
        set vdom "root"
        set ip 10.11.217.109 255.255.255.0
        set allowaccess ping https ssh http telnet
        set type physical
        set alias "internal"
        set snmp-index 1
    next
    edit "port2"
        set vdom "root"
        set type physical
        set snmp-index 2
    next
    edit "port3"
        set vdom "root"
        set type physical
        set snmp-index 3
    next
    edit "port4"
        set vdom "root"
        set type physical
        set snmp-index 4
    next
    edit "naf.root"
        set vdom "root"
        set type tunnel
        set src-check disable
        set snmp-index 5
    next
    edit "l2t.root"
        set vdom "root"
        set type tunnel
        set snmp-index 6
    next
    edit "ssl.root"
        set vdom "root"
        set type tunnel
        set alias "SSL VPN interface"
        set snmp-index 7
    next
    edit "fortilink"
        set vdom "root"
        set fortilink enable
        set ip 10.255.1.1 255.255.255.0
        set allowaccess ping fabric
        set type aggregate
        set lldp-reception enable
        set lldp-transmission enable
        set snmp-index 8
    next
end
-------------------------------------
FGT(static) # show
config router static
    edit 1
        set dst 10.11.217.0 255.255.255.0
        set gateway 10.11.217.110
        set device "port1"
			 
			
					
				Re: update the FortiGate-VM evaluation license.
				Posted: Sun Mar 12, 2023 10:51 am
				by Uldis (UD)
				And where is default route on Forti, your node dont know where is 8.8.8.8

 
			
					
				Re: update the FortiGate-VM evaluation license.
				Posted: Sun Mar 12, 2023 1:19 pm
				by victorino
				I did not understand your question? You say on VM-EVE-NG/10.11.217.110?
Can you show which setting is missing?
			 
			
					
				Re: update the FortiGate-VM evaluation license.
				Posted: Sun Mar 12, 2023 3:55 pm
				by Uldis (UD)
				your fortinet with just ststic route to private subnet does not know how to reach 8.8.8.8
because you have not configured default route on forti with default gateway.
In your setup currently you, no logic how to reach internet...
Simply you have not default route to 0.0.0.0/0 via default GW 10.11.217.XX (same GW IP as for EVE VM itself)
			 
			
					
				Re: update the FortiGate-VM evaluation license.
				Posted: Mon Mar 13, 2023 3:22 pm
				by victorino
				I configured a static route as below. But the packet not reach the internet.
seeduc (static) # show
config router static
    edit 2
        set device "port1"
    next
end
seeduc (static) # edit 2
seeduc (2) # set 0.0.0.0/0
seeduc # execute ping 10.11.217.110 (VM-EVE-NG)
PING 10.11.217.110 (10.11.217.110): 56 data bytes
64 bytes from 10.11.217.110: icmp_seq=0 ttl=64 time=0.7 ms
64 bytes from 10.11.217.110: icmp_seq=1 ttl=64 time=0.6 ms
64 bytes from 10.11.217.110: icmp_seq=2 ttl=64 time=0.8 ms
64 bytes from 10.11.217.110: icmp_seq=3 ttl=64 time=0.4 ms
64 bytes from 10.11.217.110: icmp_seq=4 ttl=64 time=0.4 ms
seeduc # execute ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes
--- 8.8.8.8 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss