Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
vtlikinio
Explorer

Firewall won't reply back ICMP Request

Hello

We have trouble on the firewall side that won't reply back to a certain ICMP request. Here is a TCP dump on the packet.

TCP DUMPTCP DUMP

We can see the arp also of a certain IP.

Here is the ping coming from the firewall.

thumbnail_image018.png

 

0 Kudos
4 Replies
PhoneBoy
Admin
Admin

Please explain what all the IPs are in this output and how they relate to the two gateways.
Continual ARP who-is packets suggest you're pinging the wrong IP on possibly the wrong interface or it's a configuration issue of some sort.
0 Kudos
vtlikinio
Explorer

Those IPs are within the subnet of the one assigned in the interface on both cluster firewall.
0 Kudos
PhoneBoy
Admin
Admin

I am going to assume that 192.168.30.50 is NOT associated with the firewalls in any way (i.e. it's just a host on that subnet).
If that is INCORRECT please explain precisely how this IP relates.

The host with that IP address is failing to respond to a request for its MAC address.
That means the gateway cannot send traffic to that host irrespective of any policy configuration.
This points to a configuration issue (either the host in question, the switch, a cabling issue, or something else).
0 Kudos
Maarten_Sjouw
Champion
Champion

Are you sure the ping is allowed in the rulebase? This is not by default and needs to be allowed specifically.
Regards, Maarten

Leaderboard

Epsum factorial non deposit quid pro quo hic escorol.

Upcoming Events

    CheckMates Events