cannot ping a specific host

I am accessing an internal network via SSL VPN. I can ping the Catalyst 3750X core switch management IP address 10.10.10.1 (SVI vlan10) and SVI vlan20 10.10.20.1. But I cannot ping 10.10.20.200 (a WAN acceleration appliance). I did a tracert from my PC and it stops at 10.10.10.1 then timed out.
I can ping 10.10.20.200 and access the appliance without any problem if my PC is directly connected to the core.

I am trying to figure out where it breaks.. I do not think it is the FW as I can traceroute from my PC to the core management IP address when I access it via SSL VPN. Any thoughts? Thanks
LVL 1
leblancAccountingAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

AkinsdNetwork AdministratorCommented:
Run ipconfig when connected to Von to determine your IP address. Check the vlans the DSL clan is allowed to access. Possibly, check the route btw the DSL clan and the destination vlan
leblancAccountingAuthor Commented:
the ip config from my PC shows 192.168.1.100. I can ping from my PC to the core so there is a route to the core.
Tony PittCommented:
One of the machines has a problem with its netmask, default gateway or routing table, or there's an access control list on one of them.  Any of these could cause the behaviour that you're seeing.

Is there any chance of posting those for your PC when it's connected via the SSL VPN and for the WAN acceleration appliance?  Then we might be able to spot the problem.

Alternatively, you'll need to do packet sniffing at key points across the network - at the WAN acceleration appliance, for example - to see whether it's your packets that are not reaching the appliance, or it's not sending packets back to you.

/T

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Big Business Goals? Which KPIs Will Help You

The most successful MSPs rely on metrics – known as key performance indicators (KPIs) – for making informed decisions that help their businesses thrive, rather than just survive. This eBook provides an overview of the most important KPIs used by top MSPs.

leblancAccountingAuthor Commented:
Wireshark is my next step. But I have to be onsite for that and the site is 500miles away.
Tony PittCommented:
Can you span a port on the core switch and remote control a pc from where you are to run Wireshark?

/T
leblancAccountingAuthor Commented:
I think I can do that. I need to find somebody who is willing to work with me. I will try that tomorrow. Thx
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
VPN

From novice to tech pro — start learning today.