Unable to access remote systems from Linux, but able to access from Windows

Hello All,

We have a setup as below.

On the Linux machine, I have added two routes :

net 172.16.0.0/24 gw 192.168.2.18
net 192.168.1.0/24 gw 192.168.2.18

We can ping the remote system from WIndows / Macs but unable to ping from teh linux machine.

Also, if we do a tcpdump on the linux machine and ping from the remote machine, the packets do not reach the linux machine from the router at all.

From the Linux machine, I can ping :

192.168.2.18
172.16.154.117
172.16.154.118

but not beyond.

Any pointers is appreciated.

Thanks in advance.
nw.jpg
rr02Asked:
Who is Participating?
 
jsd9Connect With a Mentor Commented:
Perhaps there are some router access lists or firewalls not depicted on the network diagram?  I am not sure how much visibility you have into the router and the cloud in between the Linux and remote machine.  One thing you could try would be swapping IP addresses between the Linux and one of the local machines that works.  If the issue follows the IP address, than you know that there is something blocking that address.  
0
 
ByteSleuthConnect With a Mentor Commented:
Hello,

please do a tcp dump at the first router from the remote-machine.
Check the dump: can you see your ping packages here? if yes, do the same at the second router. can you see your package there? Did you check'd the acl's on the routers?

HTH

bytesleuth
0
 
rr02Author Commented:
Unfortunately, the routers are 3com MSR 20 routers and dont seem to have a feature to dump packets.

The remote machine is a windows machine and it can ping the local windows machine (same subnet as the linux machine). Only in the case of the linux machines, the packets don't seem to reach the machine from/to the router.

The arp tables are populated correctly and connectivity between the router and linux machine is OK though. We can ping as well as access the router configuration pages via http.

We have checked the router settings. No acls have been set.

Thanks!

0
Introducing Cloud Class® training courses

Tech changes fast. You can learn faster. That’s why we’re bringing professional training courses to Experts Exchange. With a subscription, you can access all the Cloud Class® courses to expand your education, prep for certifications, and get top-notch instructions.

 
jsd9Commented:
Have you checked to make sure you have a configured default gateway.  Based on your network diagram it looks like your default gateway should be 192.168.2.18.

Here is a link regarding default gateway setup and verification:

http://www.cyberciti.biz/faq/linux-setup-default-gateway-with-route-command/
0
 
rr02Author Commented:
Tried that too. We have multiple linux systems, one of which is a router and has a different gateway.
Only on this do we have a different default gateway.

On all other systems, the default gateway is 192.168.2.18

traceroute to 192.168.1.30 (192.168.1.30), 30 hops max, 38 byte packets
 1  * * *
 2  172.16.154.118 (172.16.154.118)  4.491 ms  4.432 ms  4.441 ms
 3  * * *
 4  * * *
 5  * * *
 6  * * *
 7  * * *

Since this shows that it has gone to the router, looks like routing table is set correctly.

Have even tried setting the routing table as below :

192.168.2.18    *                     255.255.255.255 UH    0      0        0 eth1
192.168.1.0     192.168.2.18    255.255.255.0     UG    0      0        0 eth1
172.34.0.0       192.168.2.18    255.255.0.0        UG    0      0        0 eth1
default             192.168.2.18    0.0.0.0               UG    0      0        0 eth1
0
 
rr02Author Commented:
We checked the router acls. Could not find anything unusual. The config is as above. The only thing we dont have visibility into is the cloud.

We also tried with different IPs. Same result.

We even connected the linux machine directly to the router and tried traceroute. Same result. THe packets reach the WAN interface of the router but not beyond. Suspect some ISP issue.

There could be some settings with the ISP that is blocking these packets for some reason. We have also asked them to check.

If there was a way to do a tcpdump or equivalent on the 3com MSR 20 router, we should have some clues. Anyone has an idea about this router?
0
 
rr02Author Commented:
It was an ISP problem after all. It looks like they were blocking IP addresses below .20. And, all our linux machines were below .20 and windows machines above that ip.

We discovered it when we assigned an IP below .20 to a windows system.

Thanks everyone!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.