Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1257
Views
0
Helpful
3
Replies

SA540 IP Aliases Respond To Ping?

Go to solution
Ross Mccullough
Level 1
Level 1

‎10-24-2012 08:11 AM

Group,

I hope an easy question, in the WAN profile of our SA540 I have IP Aliases configured for a block of IP addresses we have. The active 2 IP addresses plugged into the actual RoadRunner modem respond fine to ping, the other three I have programmed to the WAN interface are not responding as I would think they should. Have I overlooked something? The "Block IP on WAN Interface" is disabled and pings back fine. Thanks for the input on this question!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Tom Watts
VIP Alumni
VIP Alumni

‎10-24-2012 09:36 AM

Hi Ross, to my understanding, no, the Alias shouldn't respond unless it is mapped to something. At my lab, I have a T1 with 254 available IP addresses, only physical WAN interfaces that respond to ICMP will reply and any other IP that is not active is not responding.

If you map the alias to something like a webserver and allow the webserver to respond to ICMP this should work.

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/

View solution in original post

0 Helpful
3 Replies 3

Go to solution
Tom Watts
VIP Alumni
VIP Alumni

‎10-24-2012 09:36 AM

Hi Ross, to my understanding, no, the Alias shouldn't respond unless it is mapped to something. At my lab, I have a T1 with 254 available IP addresses, only physical WAN interfaces that respond to ICMP will reply and any other IP that is not active is not responding.

If you map the alias to something like a webserver and allow the webserver to respond to ICMP this should work.

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful

Go to solution
Ross Mccullough
Level 1
Level 1
In response to Tom Watts

‎10-24-2012 10:35 AM

Tom,

Thanks, that nailed it. Perhaps you can shed a bit of further knowledge on me. What we are trying to accomplish is take VOIP traffic out of the VPN and bring it in through the WAN address (IP alias mapped to internal machine) So for instance I have a rule for VOIP --> Allow Always --> From Address "Any" -->Destination --> "Internal IP address"  --> Internet Destination "Outside IP address"  I enclosed the screen grabs.

But I am unable to get the phone registered this way. Do you know if NAT is applied to the IP aliases? My understanding is the VOIP won't play nicely with NAT or double NAT as it is older using the NGT and H.323 protocol not SIP. I added some shots for reference. Thanks so much!!

Secondly do you know by chance which IP rule # I can use for a simple ICMP Echo Reply? I can pick from Type 3-13.

0 Helpful

Go to solution
Tom Watts
VIP Alumni
VIP Alumni
In response to Ross Mccullough

‎10-24-2012 10:52 AM

ICMP types are pretty specific.

ICMP-TYPE 3 = Destination Unreachable   (common)

ICMP-TYPE 4 = Souce Quench

ICMP-TYPE 5 = Redirect

ICMP-TYPE 6 = Alternate Host Address

ICMP-TYPE 7 = Unassigned

ICMP-TYPE 8 = Echo (common)

ICMP-TYPE 9 = Router Advertisement

ICMP-TYPE 10 = Router Selection

ICMP-TYPE 11 = Time Exceeded

ICMP-TYPE 12 = Parameter Problem

ICMP-TYPE 13 = Time Stamp

You may want to try type 8, it is echo request

-Tom
Please rate helpful posts

-Tom Please mark answered for helpful posts http://blogs.cisco.com/smallbusiness/
0 Helpful
Customers Also Viewed These Support Documents