cannot ping a specific host

I am accessing an internal network via SSL VPN. I can ping the Catalyst 3750X core switch management IP address 10.10.10.1 (SVI vlan10) and SVI vlan20 10.10.20.1. But I cannot ping 10.10.20.200 (a WAN acceleration appliance). I did a tracert from my PC and it stops at 10.10.10.1 then timed out.
I can ping 10.10.20.200 and access the appliance without any problem if my PC is directly connected to the core.

I am trying to figure out where it breaks.. I do not think it is the FW as I can traceroute from my PC to the core management IP address when I access it via SSL VPN. Any thoughts? Thanks
LVL 1
leblancAccountingAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AkinsdNetwork AdministratorCommented:
Run ipconfig when connected to Von to determine your IP address. Check the vlans the DSL clan is allowed to access. Possibly, check the route btw the DSL clan and the destination vlan
0
leblancAccountingAuthor Commented:
the ip config from my PC shows 192.168.1.100. I can ping from my PC to the core so there is a route to the core.
0
Tony PittCommented:
One of the machines has a problem with its netmask, default gateway or routing table, or there's an access control list on one of them.  Any of these could cause the behaviour that you're seeing.

Is there any chance of posting those for your PC when it's connected via the SSL VPN and for the WAN acceleration appliance?  Then we might be able to spot the problem.

Alternatively, you'll need to do packet sniffing at key points across the network - at the WAN acceleration appliance, for example - to see whether it's your packets that are not reaching the appliance, or it's not sending packets back to you.

/T
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
ON-DEMAND: 10 Easy Ways to Lose a Password

Learn about the methods that hackers use to lift real, working credentials from even the most security-savvy employees in this on-demand webinar. We cover the importance of multi-factor authentication and how these solutions can better protect your business!

leblancAccountingAuthor Commented:
Wireshark is my next step. But I have to be onsite for that and the site is 500miles away.
0
Tony PittCommented:
Can you span a port on the core switch and remote control a pc from where you are to run Wireshark?

/T
0
leblancAccountingAuthor Commented:
I think I can do that. I need to find somebody who is willing to work with me. I will try that tomorrow. Thx
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.

Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.