07-26-2004 02:10 PM - edited 03-02-2019 05:19 PM
I am unable to ping or access in any way a server on our DMZ from our VLANs. I can access or ping our web server from the same vlan. Obviously the routes are their or we could not ping any thing on the dmz subnet. Any ideas would be greatly appreciated. Im baffled.
Thanks
L. Mace
DMZ subnet 192.168.10.0/24
Server A 192.168.10.3 PINGS OK
Server B 192.168.10.2 NO PING response.
Attached is my original problem with configurations of 6513 switch and RSM.
07-26-2004 06:38 PM
Hi,Mace,
1>Could U draw a brief image of network for us??
After i see the attachment, i still don't understand what is the network structure.
2> in C65xx configuration, i found some confused config, such as :
Why do u config HSRP for "ip address 10.1.160.254(virtual)",then after u static config "ip route 192.168.10.0 255.255.255.0 10.1.160.2",
hope u response,
07-27-2004 09:18 AM
1. Attached is a jpg showing firewall infrastructure, it is correct expect the CAT 5500 is now a CAT 6513 and the 5500 is still being used. I am fairly new to this company and new to the high end switches. Also the 5500 is being used as Hot standby, (HSRP).
2 I added the static route,hoping it would fix the problem. I now know it is redundent and not needed.
Thanks
08-02-2004 07:02 PM
Hi,Mace,
Thanks for ur kind response,
After seeing ur net image, I advice that you'd better
check these configuration as followed:
1>All PIX Firewall configuration:
to find how the ip packet routed from DMZ server to internal vlan;to find wheather the ICMP is configurated correctly by PIXs; specially, the primary PIX and the standby PIX.
2> default gateway config of These DMZ server
on the other hand, from your net map, I found a little issue,Why the primary PIX and Standby PIX connect to a intel HUB ,and the HUB to core switches.
the HUB would be single point failure in network!!!
Pls. pay attention to this little issue.
Regards,
08-03-2004 10:35 AM
I finally added routes to the server back to the vlans and that worked.
Thanks for your time, it is appreciated.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: