Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
6661
Views
0
Helpful
6
Replies

PING - one reply then nothing

jerry.mcrae
Level 1
Level 1

‎01-09-2008 03:18 PM - edited ‎03-05-2019 08:22 PM

i have a DMZ setup off a PIX 515e with a 2950 switch. from the switch i cant ping any server and from one server to the other i can ping but i only get one successful reply then the other three fail. all devices are on the same vlan.

any ideas?

Labels:
0 Helpful
6 Replies 6

Edison Ortiz
Hall of Fame
Hall of Fame

‎01-09-2008 07:10 PM

Can we see the switch config?

Do you have any Firewall enabled on the server(s)?

Can you ping from the PIX successfully?

__

Edison.

0 Helpful

Shannon Sutter
Level 1
Level 1
In response to Edison Ortiz

‎01-10-2008 10:23 AM

Edison,

Jerry and I work together.

Here is the info

No firewall enabled on servers.

Yes, i can ping the servers from the PIX no pbloblem.

attached is the switch config

Preview file
6 KB
0 Helpful

Edison Ortiz
Hall of Fame
Hall of Fame
In response to Shannon Sutter

‎01-10-2008 10:52 AM

Very straightforward configuration.

Can you troubleshoot by isolating the connection by setting it up as server-to-server with a crossover cable hence bypassing the switch ?

I don't think the switch is preventing 2-way communication.

How about server-to-server connection other than the ping, does it work ?

0 Helpful

jerry.mcrae
Level 1
Level 1
In response to Edison Ortiz

‎01-15-2008 11:24 AM

i just connected the two servers via a crossover and they could ping each other fine. i also tried to browse from one server to the next via \\172.16.1.200\C$ and i get network path not found.

what debugs can i run to see the packets run through the switch or PIX?

thanks.

0 Helpful

Kevin Dorrell
Level 10
Level 10

‎01-11-2008 01:13 AM

How long does it take for the connectivity to recover? That is, if you issue another ping command immediately, does the first one still get through and the rest fail?

This is very strange behavior, but I did see something similar recently in a lab. In my case, it was related to a stateful NAT scenario with asymetric routes. That is, the ping was going through one router of the NAT pair, and the response coming back through the other. I came to the conclusion it was an artifact of the timing of the handshake between the NAT routers.

Of course, your case may be for an entirely different reason, so it would be useful to have more detail.

Kevin Dorrell

Luxembourg

0 Helpful

jerry.mcrae
Level 1
Level 1
In response to Kevin Dorrell

‎01-15-2008 11:56 AM

if i issue ping 10.10.5.x i get the one reply and wait three minuets i can run the ping again and get a successful reply.

if i run ping 10.10.5.x -t and let it run for at least three minutes i'll never get a successful reply. my PIX has a xlate timeout of 3 minutes.

i know this isnt the pix forum but i wonder if i change this "static (inside,DMZ1) 10.10.0.0 10.10.0.0 netmask 255.255.0.0" to this "static (inside,DMZ1) 10.10.5.0 10.10.5.0 netmask 255.255.0.0" will it help.

thanks.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card