Re: Cisco 4506 Switch - able to ping out by name but not by IP

kelly.abbott · ‎04-17-2023

Hi all,

Here's the question:

Cisco ASA firewall pings out by name and IP.

Cisco 4506 Switch only pings out by name - not by IP. - I can ping google.com but not 4.2.2.2

User's desktops and servers hanging off the switch cannot ping by name or IP. But, they can all do Nslookup with no problem. Google resolves fine with NSlookup. Yet they can't ping the google.com or anything by name or IP. Internet works fine - they can get to any site.

Any ideas on what to check?

Flavio Miranda · ‎04-17-2023

Hi

Well, not be able to ping but be able to nslookup tells me one thing. You have firewall permitting port 53 but no icmp.

The switch case pinging by name and not by IP sounds really weird behavior.

kelly.abbott · ‎04-21-2023

Thank you, I'm checking this as this sounds very plausible.

MHM Cisco World · ‎04-17-2023

For SW ping using dns name not IP' that meaning that there is NATing effect the real IP' so try ping mapped IP not real IP.

For other User and server first check ping to GW.

kelly.abbott · ‎04-21-2023

Hi, I am using NAT on my firewall so I will check this.