Hi,

I have the following scenario:

                                        PC ---  vEdge100B---- internet ---vEdge1000-----switch---FW----Server Farm

I can:

        Ping from PC/vEdge100B to vEdge1000 LAN port

        Ping from vEdge 1000 LAN port to FW LAN port

I cannot 

        Ping from PC/vEdge 100B  to FW LAN port, (Rules on FW are supposedly set to allow this)

        Ping from PC/vEdge 100B  to IP from server Farm, (Rules on FW are supposedly set to allow this)

Besides,

1) The vEdge 100B learns via OMP a default route to the Server Farm subnets that the vEdge1000 has, pointing to the FW LAN IP as gateway.

2) The traceroute initiated by PC/vEdge100B, to every IP of the server farm shows the LAN IP of the vEdge 1000 as the only and last IP known.

3) FW personnel says that they do not see any ping or traceroute packets coming from PC/vEdge 100B

4) FW personnel says they do not even see vEdge 1000 MAC address, while vEdge 1000 does see the FW MAC and actually the ping works from vEdge1000 to FW

My question is as follows:

Which commands/procedure could i use to find out/demonstrate that pings/traffic from PC/vEdge100B leaves or not, the LAN port of the vEdge1000 ?  

NOTE: As the vEdge 1000 is located on a DC, there is a tight control for accessing it, so to connect a PC to the vEdge 1000 LAN port is complicated

Any other ideas about what could be happening?

Hope you can help

Thanks in advance

Best Regards

Enrique