Want to protect your cyber security and still get fast solutions? Ask a secure question today.Go Premium

x
?
Solved

cannot ping beyond the LAN

Posted on 2013-02-01
14
Medium Priority
?
318 Views
Last Modified: 2013-02-17
I have an interesting issue where the remote site (PC1) cannot ping the PBX. But it can ping anything else. Any thoughts?
                                                                      R3
                                                                       |
PC1<-->FW1<-->R1<--mpls-->R2<-->FW2<-->switch1<-->switch2<-->pbx (10.10.10.10/24)

All the devices on the left of FW2 can ping everything in subnet 10.10.10.0/24 except the pbx.

switch1, R3, and the PBX have the default gateway (DG) as the FW (10.10.10.1)
switch2 DG is R3 (10.10.10.3)
0
Comment
Question by:biggynet
  • 6
  • 3
  • 3
  • +1
14 Comments
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 38846044
Is ping enabled on the PBX?  It doesn't have to be.
0
 

Author Comment

by:biggynet
ID: 38846064
I forgot to mention that I can ping the pbx from FW2, R3, switch1, and switch2.
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 38846069
Then check FW2 and R2 to see if either of them has ping turned off for incoming requests.  Which of those things can you ping from PC1?
0
Industry Leaders: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 

Author Comment

by:biggynet
ID: 38846081
No ping restriction on all devices. PC1 can ping everything, including R2, FW2, switch1, switch2, and R3. But cannot ping the PBX.
FW2, R3, switch1, and switch2 can ping the PBX.
0
 
LVL 84

Expert Comment

by:Dave Baldwin
ID: 38846105
Maybe too many hops.  This sounds like an inconvenience rather than a problem.  Is there anything else that isn't working?  After all, ping doesn't do anything else and is one of the lowest priority services.  One of the reasons ping is sometimes inconsistent is because it will be dropped in favor of almost all other traffic.
0
 
LVL 17

Expert Comment

by:pergr
ID: 38846288
Seems to me that the pbx has the wrong default gateway configured, or has several gateways configured.

Please double check it.
0
 

Author Comment

by:biggynet
ID: 38846642
Sure. But for me when ping does not work then accessing the application will not work and this is the case here. I cannot access the PBX gui interface.

Like I mention earlier, the dg for the pbx is the FW.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 38846724
Is it specifically PC1 that can't ping the PBX or is it everything on the "left" of FW1 that can't ping?

Is PC1 on a subnet that is also on FW1?  If so can you try and ping the PBX from FW1 using the source address it is on the subnet PC1 is on?

What type of firewall is FW1?  Can you do a packet capture on it to see if the response to the ping is making it back to FW1?

Hopefully all devices between PC1 and PBX are managed and have the ability to packet captures.  You will need to do a packet capture at each spot to see where the response is being dropped.
0
 

Author Comment

by:biggynet
ID: 38847432
PC1 and everything else beyond FW2 cannot ping the PBX. But can ping everything else in the subnet where the PBX is.
Traceroute from PC1 to the PBX failed at FW2.
FW is the Fortigate. Yes it can capture the packet . But the traceroute shows that it failed at FW2. I think packet captured at FW2 will be my next step.
0
 
LVL 17

Expert Comment

by:pergr
ID: 38847440
If the PBX does not have the wrong default gateway, it has the wrong subnet mask.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 38847760
I would double check the rules/filters on FW2.  Make sure you check the subnet masks in the rules/filters.
0
 
LVL 17

Expert Comment

by:pergr
ID: 38848017
Perhaps the pbx needs a reboot, after changing network settings.
0
 

Accepted Solution

by:
biggynet earned 0 total points
ID: 38848773
The problem was not the fw but it is from the PBX. The PBX need static routes configured so that the echo reply can have it route back to the source.
0
 

Author Closing Comment

by:biggynet
ID: 38898333
The problem was the pbx
0

Featured Post

Free Tool: Port Scanner

Check which ports are open to the outside world. Helps make sure that your firewall rules are working as intended.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

This article explains the fundamentals of industrial networking which ultimately is the backbone network which is providing communications for process devices like robots and other not so interesting stuff.
If you try to migrate from Elastix to Issabel, you will face a lot of issues. These problems are inevitable but fortunately, you can fix them. In the guide below, I will explain how I performed the migration while keeping all data and successfully t…
There's a multitude of different network monitoring solutions out there, and you're probably wondering what makes NetCrunch so special. It's completely agentless, but does let you create an agent, if you desire. It offers powerful scalability …
Monitoring a network: why having a policy is the best policy? Michael Kulchisky, MCSE, MCSA, MCP, VTSP, VSP, CCSP outlines the enormous benefits of having a policy-based approach when monitoring medium and large networks. Software utilized in this v…

564 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question