No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Some client side cannot ping network gateway

Publication Date:  2012-12-06 Views:  42 Downloads:  0
Issue Description
Some host computer connecting with USG2200BSR interface cannot ping gateway. USG2200BSR can learn the mac address connecting with PC.
Alarm Information
NULL
Handling Process
Check the session table

[USG2210]display firewall session table v destination inside 192.168.2.1
16:23:56  2011/10/31                 
Current total sessions: 1   
  icmp  VPN: public -> public
Zone: local -> untrust  TTL: 00:00:20  Left: 00:00:02                 
  Interface: GigabitEthernet0/0/0  Nexthop: 123.65.3.193  MAC: 00-0f-e2-19-69-35
  <-- packets:0 bytes:0   --> packets:5 bytes:420                      
  123.65.3.212:44047-->192.168.2.1:44047

Compare that the next hop of this session is diffrent with that in routing table.

[USG2210]display ip routing-table             
16:06:43  2011/10/31
Routing Table: public net
Destination/Mask   Protocol Pre  Cost        Nexthop         Interface
0.0.0.0/0          STATIC   60   0           123.65.3.193    GE0/0/0  
10.0.0.0/8         DIRECT   0    0           10.0.0.254      Vlanif3  
10.0.0.254/32      DIRECT   0    0           127.0.0.1       InLoopBack0
123.65.3.0/24      DIRECT   0    0           123.65.3.212    GE0/0/0  
123.65.3.212/32    DIRECT   0    0           127.0.0.1       InLoopBack0
123.65.3.213/32    DIRECT   0    0           127.0.0.1       InLoopBack0
123.65.3.214/32    DIRECT   0    0           127.0.0.1       InLoopBack0
127.0.0.0/8        DIRECT   0    0           127.0.0.1       InLoopBack0
127.0.0.1/32       DIRECT   0    0           127.0.0.1       InLoopBack0
172.16.0.0/24      DIRECT   0    0           172.16.0.1      Vlanif4  
172.16.0.1/32      DIRECT   0    0           127.0.0.1       InLoopBack0
192.168.1.0/24     DIRECT   0    0           192.168.1.254   Vlanif6  
192.168.1.254/32   DIRECT   0    0           127.0.0.1       InLoopBack0
192.168.2.0/24     DIRECT   0    0           192.168.2.254   Vlanif2  
192.168.2.254/32   DIRECT   0    0           127.0.0.1       InLoopBack0

Check the second line of routing table by counting down, it has 192.168.2.0/24.

[USG2210]display fib                          
16:06:11  2011/10/31
Destination/Mask   Nexthop         Flag TimeStamp     Interface
10.0.0.0/8         10.0.0.254      U    t[0]          Vlanif3
10.0.0.254/32      127.0.0.1       GHU  t[0]          InLoopBack0
123.65.3.212/32    127.0.0.1       GHU  t[0]          InLoopBack0
0.0.0.0/0          123.65.3.193    GSU  t[0]          GigabitEthernet0/0/0
123.65.3.0/24      123.65.3.212    U    t[0]          GigabitEthernet0/0/0
123.65.3.214/32    127.0.0.1       GHU  t[0]          InLoopBack0
123.65.3.213/32    127.0.0.1       GHU  t[0]          InLoopBack0
192.168.1.0/24     192.168.1.254   U    t[0]          Vlanif6
172.16.0.0/24      172.16.0.1      U    t[0]          Vlanif4
192.168.254.254/32 127.0.0.1       GHU  t[0]          InLoopBack0
192.168.1.254/32   127.0.0.1       GHU  t[0]          InLoopBack0
192.168.5.254/32   127.0.0.1       GHU  t[0]          InLoopBack0
172.16.0.1/32      127.0.0.1       GHU  t[0]          InLoopBack0
192.168.2.254/32   127.0.0.1       GHU  t[0]          InLoopBack0
127.0.0.0/8        127.0.0.1       U    t[0]          InLoopBack0
FIB table did not have 192.168.2.0 table option,it means no route in FIB,it pass through the default route.

Root Cause
NULL
Suggestions
NULL

END