Wired Intelligent Edge

last person joined: yesterday 

Bring performance and reliability to your network with the HPE Aruba Networking Core, Aggregation, and Access layer switches. Discuss the latest features and functionality of your switching devices, and find ways to improve security across your network to bring together a mobile-first solution
Back to discussions
Expand all | Collapse all

New VM Cannot Ping

This thread has been viewed 1 times

  • 1.  New VM Cannot Ping

    Posted Apr 29, 2020 03:49 PM
      |   view attached

    Im still less than 6 months into my first networking job, please pardon me if this one seems trivial... All of our computers use 192.168.2.x as the default gateway but  I created a virtual machine with the ip address 10.92.110.5 it is meant to be on VLAN 110 so I added vlan 110 in all the switches leading to the default gateway switch. I assigned the VM a default gateway of 10.92.110.1 which is located on one of the interfaces of the firewall. I cannot ping the closest switch, the firewall, nothing. I also tried making the closest switch the default gateway (2.16) but that didnt work either, I am lost on this one. I included a screenshot of our current topology.

     

    Here is some config info:

     

    On my default gateway switch (cisco)vlan 110 is added and vlan 110 interface is like this:

     

    interface Vlan110
    no ip address

     

    The trunk Admin 1 to Admin 2 is like this:

     

    interface GigabitEthernet0/45
    description 2014-TRUNK-TO-ADMIN-2
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 2
    switchport mode trunk
    duplex full
    channel-group 2 mode on
    spanning-tree portfast
    !
    interface GigabitEthernet0/46
    description 2014-TRUNK-TO-ADMIN-2
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 2
    switchport mode trunk
    channel-group 2 mode on

     

     

    The trunk Admin 2 to Admin 3, this is an HP switch:

     

    Port | Name Type | Group Type
    ---- + -------------------------------- --------- + ----- --------
    37 | 100/1000T | Trk3 LACP
    38 | 100/1000T | Trk3 LACP
    39 | 100/1000T | Trk3 LACP

     

    vlan 110
    tagged Trk1,Trk3
    no ip address
    exit

     

     

    Admin 3

     

    vlan 110
    tagged Trk1-Trk3
    no ip address
    exit

     

    topology.PNG



  • 2.  RE: New VM Cannot Ping

    EMPLOYEE
    Posted Apr 29, 2020 04:44 PM

    Hi Chris,

     

    Your firewall might not reply to pings so pinging to firewall might fail...

     

    First ensure that you have layer 2 connectivity between your PC and its default gateway. If you ping your gateway (FW) from the PC and do show arp from CMD and it shows the mac address of your gateway, then your layer 2 connectivity is ok and the vlan is properly assigned on all your switches (untagged/access on the port of the PC, tagged on the uplinks of the switches all the way to the firewall..)

     

    Second, you need to ensure layer 3 reachability. The FW has an IP address on subnet 10.92.110.X.

    How will it reach subnet 192.168.2.X? Does it have a directly connected interface? Does it have a route to subnet 192.168.2.X?

    You also need to think of the return route.. Once the traffic reaches the 192.168.2.X device, how will the device return the traffic?

     

    Finally, a firewall is not usually like a router or layer 3 switch.. Having a route alone is not enough..You need to have the proper firewall policy to allow traffic to pass..



  • 3.  RE: New VM Cannot Ping

    Posted May 07, 2020 11:05 AM

    At the time I did not know there was a device between my default gateway switch and the firewall; a barracuda URL filter. traffic was not getting past it. we are planning on removing it since we have the URL filtering service on our palo alto. 

     

    thank you for your assistance.