Hi Ankur,

Thanks for a quick relpy. The Router is infact the Gateway for the Servers/Workstations. But the Router does not have any ACL's and no Firewall in between only a 2900 Switch with a flat configuration.

Regards

Hi Faizm,

When you try to ping any workstation from router can you check if the arp entry is build up on the router or is it like incomplete arp entry?

Did it started happening all of sudden?

Regards,

Ankur

Hi,

When I do a extended ping it is pinging from serial interface as the source to the LAN, but when I ping from FastEthernet as the source to the LAN it is not. And the ip's which I am trying to ping are displayed in the ARP table.

Regards

What are the factors associated with this kind of behavior?

Hi Faizm,

Thats a strange behavior. If possible can you paste the output of "sh run"

Regards,

Ankur

Hi Ankur,

Please take a look at the sh run output.

Regards

can you pls check the routes configured in the PC or server correctly because this will create a problem , you can check it by using "route print " command in case of a windows machine

Usually, if you ping an address from a router, the router uses the source address of the interface out of which it is performing the ping.

What if the interface has more than one IP address? Someone correct me if I am wrong, but I think it uses the primary address of the interface. Again, someone correct me if I am wrong, but I think it does that even if it has a secondary addresses in the same subnet as the target.

Other complications exist if you have two routes to the target, each out a different interface, and you are running per packet load balancing.

Kevin Dorrell

Luxembourg

Kevin is quite correct. The default behavior of the Cisco router is to use as source address for ping the address of the interface out of which it will send the ping packet. If the interface is configured with a secondary address it will use as source address the primary address, even if the target is in the subnet of the secondary address.

We have an option to over-ride this default behavior in extended ping where we have an option to specify the source address for the ping packet and can choose any other address from any other interface on the router.

HTH

Rick

Hi Kevin/Rick,

But the "sh run" posted by the original poster does not have any secondary address configured on his lan interface so what else can be the reason of the symptom which he is facing?

Regards,

Ankur

Ankur

You are correct that the config as posted does not have secondary addresses.

While I believe that Kevin's comment is correct that sometimes when traffic will flow in one direction but not in the other, that it is a problem with routing I do not believe that is the issue here.

I believe that you asked a key question in your first post:

Any firewalls implemented on workstation?

and the original poster misunderstood and responded that there was no firewall "between" the end station and the router.

And I believe that you asked another good troubleshooting question when you asked if the MAC address showed up in the ARP table. The original poster responded that they do show up in the ARP table.

This leads me to guess that your first question may lead to the problem. I am guessing that there is a firewall implemented ON the workstation that is not alowing ping to the workstation.

HTH

Rick

Rick,

There is no client firewall on any worksations or server. As I mentioned before in the post that I am able to ping succesfully to any Server/Workstation if I use an extended ping. If there was any client firewall on any Workstation or Server then the Router should not extended ping as well, right.

Thanks for the helpful replies guys.

Regards.