AnsweredAssumed Answered

Packet doesn't leave the FW. It ate my packets!

Question asked by Matthew Do on Sep 22, 2018
Latest reply on Sep 25, 2018 by Vladimir Yakovlev

Need your expertise!

Packet from R80.10 firewall doesn't leave the box?

The FW (its external interface at 10.0.0.111) can ping its default gateway (10.0.0.1) which is behind a NAT going out to the internet. However, the FW can't reach google or ComCast DNS (75.75.75.75 or 8.8.8.8). These IPs are reachable by other host in 10.0.0.0/24 subnet). Traceroute at the FW indicates the packet doesn't leave the box! Did the FW eat the packets? Internal network is ok, I could ssh into the FW.

----

 

See attached picture for the trouble firewall.....am I missing something?

Packet doesn't leave the R80.10 firewall. The FW ate all packets!

hoangsa@ubun2svr:~$ ping 8.8.8.8 -c 2
PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
64 bytes from 8.8.8.8: icmp_seq=1 ttl=121 time=11.8 ms
64 bytes from 8.8.8.8: icmp_seq=2 ttl=121 time=10.4 ms

--- 8.8.8.8 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 10.407/11.127/11.848/0.728 ms
hoangsa@ubun2svr:~$ ping 75.75.75.75 -c 2
PING 75.75.75.75 (75.75.75.75) 56(84) bytes of data.
64 bytes from 75.75.75.75: icmp_seq=1 ttl=58 time=10.5 ms
64 bytes from 75.75.75.75: icmp_seq=2 ttl=58 time=9.48 ms
--- 75.75.75.75 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1001ms
rtt min/avg/max/mdev = 9.486/10.041/10.597/0.564 ms
hoangsa@ubun2svr:~$

Outcomes