Solved: Re: can't able to ping Lan IP from from PC but same IP I can do ping from ASA firwall.

akash.tiwari · ‎02-09-2020

Hi Team,

We have created a separate partitioning and created virtual servers and pool members but not working.

I am able to do ping our Lan IP from ASA Firewall:

ASA-primary(config)# ping 10.0.73.113
Type escape sequence to abort.
Sending 5, 100-byte ICMP Echos to 10.0.73.113, timeout is 2 seconds:
!!!!!
Success rate is 100 percent (5/5), round-trip min/avg/max = 1/1/1 ms

from Laptop:

C:\Users\Konverge>ping 10.0.73.113

Pinging 10.0.73.113 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 10.0.73.113:
Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),

can any-one help me out to do troubleshoot, why this happend.

Muhammad Awais Khan · ‎02-09-2020

Hi,

Understood now. Since everything is in vlan-10 then the PC traffic will never leave hit the ASA firewall.

Your PC and "10.0.73.113" should be able to reach directly if it is withing same virtual server and both have vlan-10 assigned. If "10.0.73.113" is outside the virtual server then make sure trunk configured to your server hosting VM's have vlan-10 allowed.

View solution in original post

Muhammad Awais Khan · ‎02-09-2020

Hi,

Can you provide more details about client PC, is it belong to same subnet or different. If it is same then the PC will try to reach directly to the targetted IP utilizing Layer 2 switching from your switching infrastructure.

Can you update where thic PC is connect, what is the VLAN assigned to it ? Where ASA Lan interface is connected ? If it is connected to switches then what is the VLAN configured on the switch.

akash.tiwari · ‎02-09-2020

This is not PC it is a virtual server.

akash.tiwari · ‎02-09-2020

Can you update where the PC is connected: it's a virtual server,

what is the VLAN assigned to it? VLAN-10

Where ASA Lan interface is connected? If it is connected to switches then what is the VLAN configured on the switch.

yes ASA Lan interface connected with Nexus Switch and Vlan 10 configured

@Muhammad Awais Khan wrote:
Hi,

Can you provide more details about client PC, is it belong to same subnet or different. If it is same then the PC will try to reach directly to the targetted IP utilizing Layer 2 switching from your switching infrastructure.

Can you update where thic PC is connect, what is the VLAN assigned to it ? Where ASA Lan interface is connected ? If it is connected to switches then what is the VLAN configured on the switch.

Muhammad Awais Khan · ‎02-09-2020

Hi,

Understood now. Since everything is in vlan-10 then the PC traffic will never leave hit the ASA firewall.

Your PC and "10.0.73.113" should be able to reach directly if it is withing same virtual server and both have vlan-10 assigned. If "10.0.73.113" is outside the virtual server then make sure trunk configured to your server hosting VM's have vlan-10 allowed.

akash.tiwari · ‎02-09-2020

Vlan and switching configuration perfect.

Actually the issue is we have configured 10.0.73.113, over hardware load balancer, need to telnet from publicly but not able to done,