Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7620
Views
5
Helpful
16
Replies

LAB: Unable to ping internally

Go to solution
Vking02
Level 1
Level 1

‎10-22-2021 09:33 AM

Hi Team, 

 

Hope someone can assist me.

 

I currently have a EVE-NG lab I am trying to complete, but having issues.

I am unable to ping the inside interface on a Cisco device from my Home network. 

I have a static route on my home route pointing to the subnet (192.168.11.x/28) in question (see Image cisco1 for static route)

 

This is the config of the cisco device

 

interface GigabitEthernet0/0
ip address 192.168.11.2 255.255.255.240
ip nat inside
ip virtual-reassembly in
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/1
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/2
no ip address
shutdown
duplex auto
speed auto
media-type rj45
!
interface GigabitEthernet0/3
ip address dhcp
ip nat outside
ip virtual-reassembly in
duplex auto
speed auto
media-type rj45

 

================


ip nat inside source list 11 interface GigabitEthernet0/3 overload
!
!
!
access-list 11 permit 192.168.11.0 0.0.0.15
access-list 11 permit 192.168.22.0 0.0.0.255
access-list 11 permit 192.168.33.0 0.0.0.255
access-list 11 permit 192.168.44.0 0.0.0.255
access-list 11 permit 192.168.55.0 0.0.0.255
access-list 11 permit 192.168.66.0 0.0.0.255
!
control-plane

===========


Interface IP-Address OK? Method Status Protocol
GigabitEthernet0/0 192.168.11.2 YES NVRAM up up >>>> points to a FW
GigabitEthernet0/1 unassigned YES NVRAM administratively down down
GigabitEthernet0/2 unassigned YES NVRAM administratively down down
GigabitEthernet0/3 172.16.10.24 YES DHCP up up <<<< points to ISP router
NVI0 192.168.11.2 YES unset up up

 

=============

 

What is confusing me is, I am able to ping from the FW outside interface (192.168.11.3) to 8.8.8.8 fine


admin@PA-VM> ping source 192.168.11.3 host 8.8.8.8
PING 8.8.8.8 (8.8.8.8) from 192.168.11.3 : 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=2 ttl=116 time=19.1 ms
64 bytes from 8.8.8.8: icmp_seq=3 ttl=116 time=14.1 ms
64 bytes from 8.8.8.8: icmp_seq=4 ttl=116 time=14.6 ms
^C
--- 8.8.8.8 ping statistics ---
4 packets transmitted, 3 received, 25% packet loss,

 

This is the network design - see attached image, cisco2

 

What am i missing and where am i going wrong? 

 

Thank you in advance.

 

 
 

 

Labels:
Preview file
36 KB
Preview file
414 KB
0 Helpful
16 Replies 16

Go to solution
Johnson_Mo
Level 1
Level 1

‎08-10-2023 10:48 AM

Can you please share the configs on PA firewall? I have GNS3 LAB where I want to connect cisco 7200 with PA and the link wont come up on the subnet. tried static route, tried OSPF, still wont o=come up. 

0 Helpful

Go to solution
Johnson_Mo
Level 1
Level 1

‎08-10-2023 10:57 AM

can you please share the configs on Palo Alto site? I am trying to connect cisco 7200 with PA on the same network, the link wont come up and can not ping each other. I enabled ping for the PA interface as well.

thanks 

0 Helpful
Customers Also Viewed These Support Documents