i have a Cisco 4900 and following is the config

my problem is ..from the 4900 i can ping 10.11.20.1 which is the interface of my firewall, but i cant ping my management server that is across a VPN that terminates on the 10.11.20.1 fw i have verified there are no ACLs blocking traffic.

any ideas ?

=~=~=~=~=~=~=~=~=~=~=~= PuTTY log 2013.05.02 09:34:47 =~=~=~=~=~=~=~=~=~=~=~=

sh run

Building configuration...

Current configuration : 2810 bytes

!

version 15.0

no service pad

service timestamps debug datetime msec

service timestamps log datetime msec

no service password-encryption

service compress-config

!

hostname ecw12sw006

!

boot-start-marker

boot system flash bootflash:cat4500e-ipbase-mz.150-2.SG1.bin

boot-end-marker

!

enable secret 5 $1$cn/7$WRGp36aCFuNrar7CYkXGT.

!

!

!

no aaa new-model

ip subnet-zero

!

!

ip vrf mgmtVrf

!

!

power redundancy-mode redundant

!

!

!

spanning-tree mode pvst

spanning-tree extend system-id

!

vlan internal allocation policy ascending

!

!

!

interface Port-channel1

switchport

switchport mode trunk

!

interface Port-channel2

switchport

switchport mode trunk

!

interface FastEthernet1

ip vrf forwarding mgmtVrf

no ip address

speed auto

duplex auto

!

interface TenGigabitEthernet1/1

switchport mode trunk

!

interface TenGigabitEthernet1/2

switchport mode trunk

!

interface TenGigabitEthernet1/3

switchport mode trunk

!

interface TenGigabitEthernet1/4

switchport mode trunk

!

interface TenGigabitEthernet1/5

!

interface TenGigabitEthernet1/6

!

interface TenGigabitEthernet1/7

!

interface TenGigabitEthernet1/8

!

interface GigabitEthernet2/1

switchport mode trunk

channel-group 2 mode active

spanning-tree portfast trunk

!

interface GigabitEthernet2/2

switchport mode trunk

channel-group 2 mode active

spanning-tree portfast trunk

!

interface GigabitEthernet2/3

switchport mode trunk

channel-group 2 mode active

spanning-tree portfast trunk

!

interface GigabitEthernet2/4

switchport mode trunk

channel-group 2 mode active

spanning-tree portfast trunk

!

interface GigabitEthernet2/5

switchport access vlan 3

!

interface GigabitEthernet2/6

switchport access vlan 3

switchport mode trunk

channel-group 2 mode active

spanning-tree portfast trunk

!

interface GigabitEthernet2/7

switchport access vlan 3

!

interface GigabitEthernet2/8

!

interface GigabitEthernet2/9

!

interface GigabitEthernet2/10

!

interface GigabitEthernet2/11

!

interface GigabitEthernet2/12

!

interface GigabitEthernet2/13

!

interface GigabitEthernet2/14

!

interface GigabitEthernet2/15

!

interface GigabitEthernet2/16

!

interface GigabitEthernet2/17

switchport mode trunk

channel-group 1 mode active

spanning-tree portfast trunk

!

interface GigabitEthernet2/18

switchport mode trunk

channel-group 1 mode active

spanning-tree portfast trunk

!

interface GigabitEthernet2/19

switchport mode trunk

channel-group 1 mode active

spanning-tree portfast trunk

!

interface GigabitEthernet2/20

switchport mode trunk

channel-group 1 mode active

spanning-tree portfast trunk

!

interface Vlan1

no ip address

!

interface Vlan3

ip address 10.11.20.45 255.255.255.0

!

ip default-gateway 10.11.20.1

ip http server

!

!

!

!

end

ecw12sw006#