Solved

cannot ping beyond the LAN

Posted on 2013-02-01
14
305 Views
Last Modified: 2013-02-17
I have an interesting issue where the remote site (PC1) cannot ping the PBX. But it can ping anything else. Any thoughts?
                                                                      R3
                                                                       |
PC1<-->FW1<-->R1<--mpls-->R2<-->FW2<-->switch1<-->switch2<-->pbx (10.10.10.10/24)

All the devices on the left of FW2 can ping everything in subnet 10.10.10.0/24 except the pbx.

switch1, R3, and the PBX have the default gateway (DG) as the FW (10.10.10.1)
switch2 DG is R3 (10.10.10.3)
0
Comment
Question by:biggynet
  • 6
  • 3
  • 3
  • +1
14 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 38846044
Is ping enabled on the PBX?  It doesn't have to be.
0
 

Author Comment

by:biggynet
ID: 38846064
I forgot to mention that I can ping the pbx from FW2, R3, switch1, and switch2.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 38846069
Then check FW2 and R2 to see if either of them has ping turned off for incoming requests.  Which of those things can you ping from PC1?
0
 

Author Comment

by:biggynet
ID: 38846081
No ping restriction on all devices. PC1 can ping everything, including R2, FW2, switch1, switch2, and R3. But cannot ping the PBX.
FW2, R3, switch1, and switch2 can ping the PBX.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 38846105
Maybe too many hops.  This sounds like an inconvenience rather than a problem.  Is there anything else that isn't working?  After all, ping doesn't do anything else and is one of the lowest priority services.  One of the reasons ping is sometimes inconsistent is because it will be dropped in favor of almost all other traffic.
0
 
LVL 17

Expert Comment

by:pergr
ID: 38846288
Seems to me that the pbx has the wrong default gateway configured, or has several gateways configured.

Please double check it.
0
 

Author Comment

by:biggynet
ID: 38846642
Sure. But for me when ping does not work then accessing the application will not work and this is the case here. I cannot access the PBX gui interface.

Like I mention earlier, the dg for the pbx is the FW.
0
New! My Passport Wireless Pro Wi-Fi Mobile Storage

Portable wireless storage to offload, edit, and stream anywhere.

High-capacity, wireless mobile storage designed to accompany professional photographers and videographers in the field to easily offload, edit and stream captured photos and high-definition videos.

 
LVL 57

Expert Comment

by:giltjr
ID: 38846724
Is it specifically PC1 that can't ping the PBX or is it everything on the "left" of FW1 that can't ping?

Is PC1 on a subnet that is also on FW1?  If so can you try and ping the PBX from FW1 using the source address it is on the subnet PC1 is on?

What type of firewall is FW1?  Can you do a packet capture on it to see if the response to the ping is making it back to FW1?

Hopefully all devices between PC1 and PBX are managed and have the ability to packet captures.  You will need to do a packet capture at each spot to see where the response is being dropped.
0
 

Author Comment

by:biggynet
ID: 38847432
PC1 and everything else beyond FW2 cannot ping the PBX. But can ping everything else in the subnet where the PBX is.
Traceroute from PC1 to the PBX failed at FW2.
FW is the Fortigate. Yes it can capture the packet . But the traceroute shows that it failed at FW2. I think packet captured at FW2 will be my next step.
0
 
LVL 17

Expert Comment

by:pergr
ID: 38847440
If the PBX does not have the wrong default gateway, it has the wrong subnet mask.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 38847760
I would double check the rules/filters on FW2.  Make sure you check the subnet masks in the rules/filters.
0
 
LVL 17

Expert Comment

by:pergr
ID: 38848017
Perhaps the pbx needs a reboot, after changing network settings.
0
 

Accepted Solution

by:
biggynet earned 0 total points
ID: 38848773
The problem was not the fw but it is from the PBX. The PBX need static routes configured so that the echo reply can have it route back to the source.
0
 

Author Closing Comment

by:biggynet
ID: 38898333
The problem was the pbx
0

Featured Post

Free camera licenses with purchase of My Cloud NAS

Milestone Arcus software is compatible with thousands of industry-leading cameras for added flexibility. Upon installation on your My Cloud NAS, you will receive two (2) camera licenses already enabled in the software. And for a limited time, get additional camera licenses FREE.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Even if you have implemented a Mobile Device Management solution company wide, it is a good idea to make sure you are taking into account all of the major risks to your electronic protected health information (ePHI).
Don’t let your business fall victim to the coming apocalypse – use our Survival Guide for the Fax Apocalypse to identify the risks and signs of zombie fax activities at your business.
Internet Business Fax to Email Made Easy - With  eFax Corporate (http://www.enterprise.efax.com), you'll receive a dedicated online fax number, which is used the same way as a typical analog fax number. You'll receive secure faxes in your email, f…
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

27 Experts available now in Live!

Get 1:1 Help Now