Monday, June 22, 2009

Extended Ping in FortiOS CLI

Many of you Cisco throwbacks know how an extended ping can save your bacon. There are times when you need to test your ping from various source interfaces to verify reachable networks for instance to bring up IPSEC tunnel policies. Using an extended PING in Cisco was your friend and Fortinet also has the ability to do this.

Internal: 192.168.42.1
DMZ: 192.168.100.1
WAN1: 10.10.100.254
Customer Side Network: 172.15.30.1


# exec ping-options source 192.168.100.1
(The interface IP you want to source from - in this case the DMZ interface)

# exec ping 172.15.30.1

Pings to 172.15.30.1 on the customer side network will now originate from the DMZ interface.

(Article by Joseph Finley)

Thursday, June 18, 2009