VMware Communities
TryllZ
Expert

Guest VM not getting internet access through firewall VM, VM Workstation 15

Hi,

I'm doing the following network setup (first time with a firewall) but it's not working, and I'm unsure where it's going wrong.

I have a Fortigate VM firewall with port 1 IP 192.168.132.5 on vmnet8 (NAT) in VMware, the host vmnet8 IP is 192.168.132.1, and the guest VM IP is issued by DHCP from the firewall (working).

I have a static route between firewall and host vmnet8(NAT).

The firewall VM and guest VM can ping host vmnet8(NAT) interface but do not get internet access which I find strange.

I have created a policy to allow WAN on LAN IPs (guest VM).

Anything I'm missing?

Thank You


Accepted Solutions
TryllZ
Expert

This is now resolved.

What happened was that I was manually setting the IP addresses of both WAN port 1 and the static route gateway to the IP address of the laptop's vmnet8, which is 192.168.132.1.

What I tried was to let DHCP assign the WAN port IP and also let the static route get the IP dynamically (this was an option in the static route that only shows when I allow DHCP IP assignment to WAN port 1).

I saw that the dynamically assigned static route IP is 192.168.132.2 (my laptop vmnet8 IP is 192.168.132.1). Now I'm just not understanding who is assigning this IP to the static route. If it's the VMware DHCP, then how, or to what, is it getting assigned, or is it just a thing between VMware and Fortigate?

What I have noticed is that the DHCP IP of WAN is 192.168.132.152 and not 192.168.132.2 or 3 or 4 etc, I have tested this twice.

A tracert from the guest client VM

tracert 8.8.8.8

Tracing route to google-public-dns-a.google.com [8.8.8.8]
over a maximum of 30 hops:

  1   <1 ms   <1 ms   <1 ms 192.168.15.10
  2   <1 ms   <1 ms   <1 ms 192.168.132.2 >>> IP first assigned dynamically by fortigate, then I set the same IP manually and it works.
  3   22 ms   5 ms   6 ms 192.168.1.254
  4   6 ms   14 ms   14 ms 192.168.10.1
  5   26 ms   20 ms   21 ms 10.8.15.1
  6   *     22 ms   18 ms 89.19.65.170
  7   *     36 ms   25 ms 89.19.65.201
  8   37 ms   79 ms   16 ms 74.125.244.1
  9   15 ms   25 ms   17 ms 72.14.239.219
10   17 ms   20 ms   15 ms google-public-dns-a.google.com [8.8.8.8]

Trace complete.
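The address layout seen in this thread can be checked before configuring the firewall's WAN side. The following is an added example, not part of the original post: it assumes the VMware NAT network's DHCP scope is described in ISC dhcpd syntax (as in VMware's `vmnetdhcp.conf`), where the advertised router is the NAT device and the host adapter is a separate fixed address. The sample configuration, function names and result labels are constructed for illustration.

```python
import ipaddress
import re

# Constructed sample in ISC dhcpd syntax; values mirror the post's addresses.
SAMPLE_DHCP_CONF = """
subnet 192.168.132.0 netmask 255.255.255.0 {
    range 192.168.132.128 192.168.132.254;
    option routers 192.168.132.2;
}
host VMnet8 {
    fixed-address 192.168.132.1;
}
"""

def parse_scope(conf):
    """Extract subnet, lease range, advertised router and host adapter address."""
    m = re.search(r"subnet\s+([\d.]+)\s+netmask\s+([\d.]+)\s*\{(.*?)\}", conf, re.S)
    if not m:
        raise ValueError("no subnet block found")
    lease = re.search(r"range\s+([\d.]+)\s+([\d.]+)\s*;", m.group(3))
    router = re.search(r"option\s+routers\s+([\d.]+)\s*;", m.group(3))
    host = re.search(r"fixed-address\s+([\d.]+)\s*;", conf)
    if not (lease and router and host):
        raise ValueError("range, routers or fixed-address missing")
    ip = ipaddress.ip_address
    return {
        "subnet": ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}"),
        "lease": (ip(lease.group(1)), ip(lease.group(2))),
        "router": ip(router.group(1)),
        "host_adapter": ip(host.group(1)),
    }

def check_wan(scope, wan_ip, gateway):
    """Return a list of problems with a firewall WAN address and default gateway."""
    wan, gw = ipaddress.ip_address(wan_ip), ipaddress.ip_address(gateway)
    problems = []
    if wan not in scope["subnet"] or gw not in scope["subnet"]:
        problems.append("outside-subnet")
    if wan in (scope["host_adapter"], scope["router"]):
        problems.append("wan-address-conflict")  # WAN reuses an address already in use
    if gw == scope["host_adapter"]:
        problems.append("gateway-is-host-adapter")  # .1 is the host NIC, not the router
    elif gw != scope["router"]:
        problems.append("gateway-not-advertised-router")
    return problems

def in_lease_range(scope, addr):
    """True when addr falls inside the DHCP lease range of the scope."""
    lo, hi = scope["lease"]
    return lo <= ipaddress.ip_address(addr) <= hi
```

With the constructed scope, the original manual settings (WAN and gateway both 192.168.132.1) are flagged twice, while the DHCP-assigned pair (192.168.132.152 with gateway 192.168.132.2) passes and the WAN address falls inside the lease range.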
