Fortinet black logo

Administration Guide

Home FortiSASE Administration Guide

Testing private access connectivity from FortiGate hub network to remote users

Testing private access connectivity from FortiGate hub network to remote users

Note

This test depends on a private access policy being defined in the From Hub direction on a FortiSASE instance with the remote VPN user identification selected availability feature. See Remote VPN user identification.

You can verify access from the FortiGate hub network to FortiSASE users, namely FortiClient users connected to FortiSASE in endpoint mode using ping.

From a host behind the FortiGate hub internal network, use ping to verify access to a FortiClient user connected to FortiSASE

The example pings the FortiClient user with 100.65.0.1 from 10.100.99.104, which is a host on an internal network. The following shows sample output:

root@internal-server-01:~# ping 100.65.0.1
PING 100.65.0.1 (100.65.0.1) 56(84) bytes of data.
64 bytes from 100.65.0.1: icmp_seq=1 ttl=126 time=73.3 ms
64 bytes from 100.65.0.1: icmp_seq=2 ttl=126 time=72.5 ms
64 bytes from 100.65.0.1: icmp_seq=3 ttl=126 time=74.0 ms
64 bytes from 100.65.0.1: icmp_seq=4 ttl=126 time=72.1 ms
^C                                   
--- 100.65.0.1 ping statistics ---   
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 72.127/73.008/74.034/0.735 ms
Previous
Next

Testing private access connectivity from FortiGate hub network to remote users

Note

This test depends on a private access policy being defined in the From Hub direction on a FortiSASE instance with the remote VPN user identification selected availability feature. See Remote VPN user identification.

You can verify access from the FortiGate hub network to FortiSASE users, namely FortiClient users connected to FortiSASE in endpoint mode using ping.

From a host behind the FortiGate hub internal network, use ping to verify access to a FortiClient user connected to FortiSASE

The example pings the FortiClient user with 100.65.0.1 from 10.100.99.104, which is a host on an internal network. The following shows sample output:

root@internal-server-01:~# ping 100.65.0.1
PING 100.65.0.1 (100.65.0.1) 56(84) bytes of data.
64 bytes from 100.65.0.1: icmp_seq=1 ttl=126 time=73.3 ms
64 bytes from 100.65.0.1: icmp_seq=2 ttl=126 time=72.5 ms
64 bytes from 100.65.0.1: icmp_seq=3 ttl=126 time=74.0 ms
64 bytes from 100.65.0.1: icmp_seq=4 ttl=126 time=72.1 ms
^C                                   
--- 100.65.0.1 ping statistics ---   
4 packets transmitted, 4 received, 0% packet loss, time 3004ms
rtt min/avg/max/mdev = 72.127/73.008/74.034/0.735 ms
Previous
Next