You may want to verify the IP addresses assigned to the FortiGate interfaces are what you expect them to be.
To verify IP addresses:
diagnose ip address list
The output lists the:
- IP address and mask (if available)
indexof the interface (a type of ID number)
devname(the interface name)
While physical interface names are set, virtual interface names can vary. A good way to use this command is to list all of the virtual interface names. For
vsys_fgfm, the IP addresses are the local host, which are virtual interfaces that are used internally.
# diagnose ip address list
IP=10.31.101.100->10.31.101.100/255.255.255.0 index=3 devname=internal
IP=172.20.120.122->172.20.120.122/255.255.255.0 index=5 devname=wan1
IP=127.0.0.1->127.0.0.1/255.0.0.0 index=8 devname=root
IP=127.0.0.1->127.0.0.1/255.0.0.0 index=11 devname=vsys_ha
IP=127.0.0.1->127.0.0.1/255.0.0.0 index=13 devname=vsys_fgfm