Solved

cannot ping beyond the LAN

Posted on 2013-02-01
14
307 Views
Last Modified: 2013-02-17
I have an interesting issue where the remote site (PC1) cannot ping the PBX. But it can ping anything else. Any thoughts?
                                                                      R3
                                                                       |
PC1<-->FW1<-->R1<--mpls-->R2<-->FW2<-->switch1<-->switch2<-->pbx (10.10.10.10/24)

All the devices on the left of FW2 can ping everything in subnet 10.10.10.0/24 except the pbx.

switch1, R3, and the PBX have the default gateway (DG) as the FW (10.10.10.1)
switch2 DG is R3 (10.10.10.3)
0
Comment
Question by:biggynet
  • 6
  • 3
  • 3
  • +1
14 Comments
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 38846044
Is ping enabled on the PBX?  It doesn't have to be.
0
 

Author Comment

by:biggynet
ID: 38846064
I forgot to mention that I can ping the pbx from FW2, R3, switch1, and switch2.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 38846069
Then check FW2 and R2 to see if either of them has ping turned off for incoming requests.  Which of those things can you ping from PC1?
0
PRTG Network Monitor: Intuitive Network Monitoring

Network Monitoring is essential to ensure that computer systems and network devices are running. Use PRTG to monitor LANs, servers, websites, applications and devices, bandwidth, virtual environments, remote systems, IoT, and many more. PRTG is easy to set up & use.

 

Author Comment

by:biggynet
ID: 38846081
No ping restriction on all devices. PC1 can ping everything, including R2, FW2, switch1, switch2, and R3. But cannot ping the PBX.
FW2, R3, switch1, and switch2 can ping the PBX.
0
 
LVL 83

Expert Comment

by:Dave Baldwin
ID: 38846105
Maybe too many hops.  This sounds like an inconvenience rather than a problem.  Is there anything else that isn't working?  After all, ping doesn't do anything else and is one of the lowest priority services.  One of the reasons ping is sometimes inconsistent is because it will be dropped in favor of almost all other traffic.
0
 
LVL 17

Expert Comment

by:pergr
ID: 38846288
Seems to me that the pbx has the wrong default gateway configured, or has several gateways configured.

Please double check it.
0
 

Author Comment

by:biggynet
ID: 38846642
Sure. But for me when ping does not work then accessing the application will not work and this is the case here. I cannot access the PBX gui interface.

Like I mention earlier, the dg for the pbx is the FW.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 38846724
Is it specifically PC1 that can't ping the PBX or is it everything on the "left" of FW1 that can't ping?

Is PC1 on a subnet that is also on FW1?  If so can you try and ping the PBX from FW1 using the source address it is on the subnet PC1 is on?

What type of firewall is FW1?  Can you do a packet capture on it to see if the response to the ping is making it back to FW1?

Hopefully all devices between PC1 and PBX are managed and have the ability to packet captures.  You will need to do a packet capture at each spot to see where the response is being dropped.
0
 

Author Comment

by:biggynet
ID: 38847432
PC1 and everything else beyond FW2 cannot ping the PBX. But can ping everything else in the subnet where the PBX is.
Traceroute from PC1 to the PBX failed at FW2.
FW is the Fortigate. Yes it can capture the packet . But the traceroute shows that it failed at FW2. I think packet captured at FW2 will be my next step.
0
 
LVL 17

Expert Comment

by:pergr
ID: 38847440
If the PBX does not have the wrong default gateway, it has the wrong subnet mask.
0
 
LVL 57

Expert Comment

by:giltjr
ID: 38847760
I would double check the rules/filters on FW2.  Make sure you check the subnet masks in the rules/filters.
0
 
LVL 17

Expert Comment

by:pergr
ID: 38848017
Perhaps the pbx needs a reboot, after changing network settings.
0
 

Accepted Solution

by:
biggynet earned 0 total points
ID: 38848773
The problem was not the fw but it is from the PBX. The PBX need static routes configured so that the echo reply can have it route back to the source.
0
 

Author Closing Comment

by:biggynet
ID: 38898333
The problem was the pbx
0

Featured Post

Efficient way to get backups off site to Azure

This user guide provides instructions on how to deploy and configure both a StoneFly Scale Out NAS Enterprise Cloud Drive virtual machine and Veeam Cloud Connect in the Microsoft Azure Cloud.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

When it comes to security, there are always trade-offs between security and convenience/ease of administration. This article examines some of the main pros and cons of using key authentication vs password authentication for hosting an SFTP server.
This article will inform Clients about common and important expectations from the freelancers (Experts) who are looking at your Gig.
Get a first impression of how PRTG looks and learn how it works.   This video is a short introduction to PRTG, as an initial overview or as a quick start for new PRTG users.
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

770 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question