Go Premium for a chance to win a PS4. Enter to Win

x
  • Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 445
  • Last Modified:

ping with source specified

When I ping the remote site from my core switch, it does not work. But when I specify "source vlan 10", it works. Why is that?
0
leblanc
Asked:
leblanc
  • 2
  • 2
  • 2
3 Solutions
 
rfportillaCommented:
Because whichever vlan the switch is using by default does not have access to the Internet, but VLAN 10 does.  Are you familiar with VLAN's?  They are used to segment traffic like a router.
0
 
leblancAccountingAuthor Commented:
My layer 3 core switch has a default route pointed to the distribution WAN layer 3 switch, then to the FW to access the internet. I have SVIs configured on my core switch. I believe all of my VLAN can access the Internet.
I did not have to specify the source vlan with the ping before I moved from layer 2 to layer 3 between the core switch and the distribution WAN layer 3 switch.
0
 
giltjrCommented:
What IP address does your L3 core use by default?

Maybe your WAN L3 switch or your firewall does not have a route back to that address/subnet?
0
Technology Partners: We Want Your Opinion!

We value your feedback.

Take our survey and automatically be enter to win anyone of the following:
Yeti Cooler, Amazon eGift Card, and Movie eGift Card!

 
leblancAccountingAuthor Commented:
On my L3 core, my default route is pointed to the next hop /30 of the WAN distribution L3 switch interface. All subnets are /24.
0
 
rfportillaCommented:
I don't know your switch.  Is there a command to determine the default network interface and/or vlan?  I think there might be a default vlan that is used internally that might be default in the management if.  I've seen many switches with extra interfaces and vlans that don't seem like they are needed, but they exist (and not always easily visible).  

In either case, is this just a curiosity or is there an issue stemming from this?
0
 
giltjrCommented:
Assuming your setup is like:

CORE-L3 < -- > WAN-L3 <----> Firewall

Typically a L3 switch (your CORE-L3) will use the IP address of the SVI based on your routing table.  So if you are ping'ing 1.1.1.1, what is the IP address of the router it will use as the next hop.

I would assume that it would be the IP address in CORE-L3 that is on the subnet between CORE-L3 and WAN-L3.

So first thing to check is does the firewall have a route back to that subnet.
Second thing to check is does the firewall have a policy that would allow ICMP to/from that subnet.
0

Featured Post

NEW Veeam Backup for Microsoft Office 365 1.5

With Office 365, it’s your data and your responsibility to protect it. NEW Veeam Backup for Microsoft Office 365 eliminates the risk of losing access to your Office 365 data.

  • 2
  • 2
  • 2
Tackle projects and never again get stuck behind a technical roadblock.
Join Now