cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
306
Views
0
Helpful
3
Replies

Site to site VPN issue

analyst1
Level 1
Level 1

I have a remote office connected back into this site via a site-to-site VPN between two PIX 501 firewalls. I added a printer that works off of an external jet direct server in the remote office. I can ping it from any other computer in that office, but not from the PIX in that office. I can ping every other device in that office from that Pix, and from any computer in this office. But I can not ping the new print server from this office. This keeps me from being able to set it up on servers located in this office.

Is it possible that the remote office PIX is blocking that specific ip/mac address? If so, how do I clear the blockage.

Any help would be appreciated.

Ron Rollins

3 Replies 3

mostiguy
Level 6
Level 6

it sounds like the jet direct does not have its default gateway set - so it cannot send packets outside its local subnet.

your idea of the default gateway is correct, however if you can not even ping the server from the local pix there is another issue, i would check the subnet mask of the server and make sure that im using the same subnet in all my devices (including the local pix inside network), for troubleshooting we have to make sure that the local pix is able to ping the server, once we do this make sure that the new IP is included in the acls for interesting traffic to the main site.

The local gateway, ip address, and subnet mask are correct on the jet direct card. The PIX config is correct, as there are several computers and two other printers that I can communicate with from this, the central office. {I did look at the PIX config to verify before replying.}

It really does seem that there is something on the PIX blocking that specific mac address. I have tried changing the IP address on the Jet Direct server, to no effect.