Support and News Forum

I downloaded KVM FortiOs 7.2.4. I need the Firewall to fortigate reach the ipaddress 8.8.8.8. To update the FortiGate-VM evaluation license.
Can someone help me?

It depends where did you connect your device, the cloud must have internet !! as well node must be configured properly

VM-EVE-NG is configured with fixed IP 10.11.217.110/24. The fortigate image has port 1 configured with the IP 10.11.217.109/24, a static route 10.11.217.0/24 and the gateway 10.11.217.1 configured.
A VM-EVE-NG ping 8.8.8.8, 10.11.217.109(fortigate image). The image ping 10.11.217.110 (VM-EVE-NG) . I couldn't make the image fortigate ping 8.8.8.8.


sh sys inter
config system interface
edit "port1"
set vdom "root"
set ip 10.11.217.109 255.255.255.0
set allowaccess ping https ssh http telnet
set type physical
set alias "internal"
set snmp-index 1
next
edit "port2"
set vdom "root"
set type physical
set snmp-index 2
next
edit "port3"
set vdom "root"
set type physical
set snmp-index 3
next
edit "port4"
set vdom "root"
set type physical
set snmp-index 4
next
edit "naf.root"
set vdom "root"
set type tunnel
set src-check disable
set snmp-index 5
next
edit "l2t.root"
set vdom "root"
set type tunnel
set snmp-index 6
next
edit "ssl.root"
set vdom "root"
set type tunnel
set alias "SSL VPN interface"
set snmp-index 7
next
edit "fortilink"
set vdom "root"
set fortilink enable
set ip 10.255.1.1 255.255.255.0
set allowaccess ping fabric
set type aggregate
set lldp-reception enable
set lldp-transmission enable
set snmp-index 8
next
end
-------------------------------------
FGT(static) # show
config router static
edit 1
set dst 10.11.217.0 255.255.255.0
set gateway 10.11.217.110
set device "port1"

And where is default route on Forti, your node dont know where is 8.8.8.8

I did not understand your question? You say on VM-EVE-NG/10.11.217.110?
Can you show which setting is missing?

your fortinet with just ststic route to private subnet does not know how to reach 8.8.8.8
because you have not configured default route on forti with default gateway.
In your setup currently you, no logic how to reach internet...

Simply you have not default route to 0.0.0.0/0 via default GW 10.11.217.XX (same GW IP as for EVE VM itself)

I configured a static route as below. But the packet not reach the internet.

seeduc (static) # show
config router static
edit 2
set device "port1"
next
end

seeduc (static) # edit 2

seeduc (2) # set 0.0.0.0/0
seeduc # execute ping 10.11.217.110 (VM-EVE-NG)
PING 10.11.217.110 (10.11.217.110): 56 data bytes
64 bytes from 10.11.217.110: icmp_seq=0 ttl=64 time=0.7 ms
64 bytes from 10.11.217.110: icmp_seq=1 ttl=64 time=0.6 ms
64 bytes from 10.11.217.110: icmp_seq=2 ttl=64 time=0.8 ms
64 bytes from 10.11.217.110: icmp_seq=3 ttl=64 time=0.4 ms
64 bytes from 10.11.217.110: icmp_seq=4 ttl=64 time=0.4 ms

seeduc # execute ping 8.8.8.8
PING 8.8.8.8 (8.8.8.8): 56 data bytes

--- 8.8.8.8 ping statistics ---
5 packets transmitted, 0 packets received, 100% packet loss