Fortinet white logo
Fortinet white logo

Administration Guide

Ping & Traceroute

Ping & Traceroute

If your FortiWeb appliance cannot connect to other hosts, try using ICMP (ping and traceroute) to determine if the host is reachable or to locate the node of your network at which connectivity fails, such as when static routes are incorrectly configured. You can do this from the FortiWeb appliance using CLI commands.

For example, you might use ping to determine that 192.0.2.87 is reachable:

execute ping 192.0.2.87

PING 192.0.2.87 (192.0.2.87): 56 data bytes

64 bytes from 192.0.2.87: icmp_seq=0 ttl=64 time=2.4 ms

64 bytes from 192.0.2.87: icmp_seq=1 ttl=64 time=1.4 ms

64 bytes from 192.0.2.87: icmp_seq=2 ttl=64 time=1.4 ms

64 bytes from 192.0.2.87: icmp_seq=3 ttl=64 time=0.8 ms

64 bytes from 192.0.2.87: icmp_seq=4 ttl=64 time=1.4 ms

--- 192.0.2.87 ping statistics ---

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max = 0.8/1.4/2.4 ms

or that 192.168.1.10 is not reachable:

execute ping 192.0.2.55

PING 192.0.2.55 (192.0.2.55): 56 data bytes

Timeout ...

Timeout ...

Timeout ...

Timeout ...

Timeout ...

--- 192.0.2.55 ping statistics ---

5 packets transmitted, 0 packets received, 100% packet loss

If the host is not reachable, you can use traceroute to determine the router hop or host at which the connection fails:

execute traceroute 192.0.2.55

traceroute to 192.0.2.55 (192.0.2.55), 32 hops max, 72 byte packets

1 192.168.1.2 2 ms 0 ms 1 ms

2 * * *

For details about CLI commands, see the FortiWeb CLI Reference:

https://docs.fortinet.com/product/fortiweb/

For details about troubleshooting connectivity, see Diagnosing Network Connectivity Issues.

Both ping and traceroute require that network nodes respond to ICMP. If you have disabled responses to ICMP on your network, hosts may appear to be unreachable to ping and traceroute, even if connections using other protocols can succeed.

Ping & Traceroute

Ping & Traceroute

If your FortiWeb appliance cannot connect to other hosts, try using ICMP (ping and traceroute) to determine if the host is reachable or to locate the node of your network at which connectivity fails, such as when static routes are incorrectly configured. You can do this from the FortiWeb appliance using CLI commands.

For example, you might use ping to determine that 192.0.2.87 is reachable:

execute ping 192.0.2.87

PING 192.0.2.87 (192.0.2.87): 56 data bytes

64 bytes from 192.0.2.87: icmp_seq=0 ttl=64 time=2.4 ms

64 bytes from 192.0.2.87: icmp_seq=1 ttl=64 time=1.4 ms

64 bytes from 192.0.2.87: icmp_seq=2 ttl=64 time=1.4 ms

64 bytes from 192.0.2.87: icmp_seq=3 ttl=64 time=0.8 ms

64 bytes from 192.0.2.87: icmp_seq=4 ttl=64 time=1.4 ms

--- 192.0.2.87 ping statistics ---

5 packets transmitted, 5 packets received, 0% packet loss

round-trip min/avg/max = 0.8/1.4/2.4 ms

or that 192.168.1.10 is not reachable:

execute ping 192.0.2.55

PING 192.0.2.55 (192.0.2.55): 56 data bytes

Timeout ...

Timeout ...

Timeout ...

Timeout ...

Timeout ...

--- 192.0.2.55 ping statistics ---

5 packets transmitted, 0 packets received, 100% packet loss

If the host is not reachable, you can use traceroute to determine the router hop or host at which the connection fails:

execute traceroute 192.0.2.55

traceroute to 192.0.2.55 (192.0.2.55), 32 hops max, 72 byte packets

1 192.168.1.2 2 ms 0 ms 1 ms

2 * * *

For details about CLI commands, see the FortiWeb CLI Reference:

https://docs.fortinet.com/product/fortiweb/

For details about troubleshooting connectivity, see Diagnosing Network Connectivity Issues.

Both ping and traceroute require that network nodes respond to ICMP. If you have disabled responses to ICMP on your network, hosts may appear to be unreachable to ping and traceroute, even if connections using other protocols can succeed.