Problem with PING and Tracerout

ivan_bozic · ‎02-09-2021

Hey, folks, I have a problem with ping and traceroute from the firewall. I have made a VPN to the main exchange and it works ok. The firewall is connected to the L3 switch from which the WAN connection goes to the provider. From the switch, I can ping my host address on the other side but the traceroute doesn't work. While with the firewall I can't ping the remote host address and the traceroute doesn't work

echo · ‎02-11-2021

I remember I have seen traceroute blocked logs sometimes: they are specific udp ports that need to be allowed. Or you have any-to-any type of firewall rules and then it doesn't work?

emnoc · ‎02-11-2021

The "diag debug flow" needs to be looked at and used.

Ken Felix

PCNSE

NSE

StrongSwan

ivan_bozic · ‎02-12-2021

in VPN rules I am using the specific LAN to a specific destination. I am sending my configuration for VPN rules.

But it is wired because the firewall is connected to switch and switch is connected to the Provider.

Ping from the switch is ok but traceroute is not.

Ping and traceroute from the firewall is not working.

And from my host site, I can ping destination VPN host side but traceroute is not working.

Maybe some specific ports enabled or static routes.

Problem with PING and Tracerout

Nominate a Forum Post for Knowledge Article Creation

You are leaving our website