Monday, June 22, 2009

Extended Ping in FortiOS CLI

Many of you Cisco throwbacks know how an extended ping can save your bacon. There are times when you need to test your ping from various source interfaces to verify reachable networks for instance to bring up IPSEC tunnel policies. Using an extended PING in Cisco was your friend and Fortinet also has the ability to do this.

Internal: 192.168.42.1
DMZ: 192.168.100.1
WAN1: 10.10.100.254
Customer Side Network: 172.15.30.1


# exec ping-options source 192.168.100.1
(The interface IP you want to source from - in this case the DMZ interface)

# exec ping 172.15.30.1

Pings to 172.15.30.1 on the customer side network will now originate from the DMZ interface.

(Article by Joseph Finley)

6 comments:

maestro pido said...

how can i continously ping an ip from cli it stops after 5 tries, thanks

Anonymous said...

exec ping-options repeat-count 100

exec ping x.x.x.x

substitute the 100 with the number of replies you want. I don't know of any other continuous commands, but you can set the repeat to 1000

Unknown said...

Its will working fine or not?

Unknown said...

it is not working plz write differnt cmd for it..

Unknown said...

exec ping-options repeat-count 100

exec ping x.x.x.x

worked perfectly. just change the number of counts to something other than 100, and change the x.x.x.x to the actual IP address you are trying to ping. you just have to type the first line, then hit enter, then type the second line and hit enter

Unknown said...

1-ok, what if I test another ping? is it still going to ping from the previous source or any interface clos to the destination?

2- i ping # exec ping-options source "Random IP" the destination still replay can you help!!! I am New Forti Admin!!!!