Re: Traceroute ....

Unanswered Question
Nov 30th, 2008

Hi,

I would like to check if I get a traceroute results like this,

Tracing route to 129.215.42.34 over a maximum of 30 hops

1 2 ms 1 ms <1 ms 10.251.5.252

2 <1 ms <1 ms <1 ms 10.251.4.66

3 1 ms 1 ms 1 ms 129.215.32.22

4 15 ms 15 ms 15 ms 129.215.42.34

5 15 ms 15 ms 15 ms 129.215.42.34

6 15 ms 15 ms 15 ms 129.215.42.34

7 15 ms 15 ms 15 ms 129.215.42.34

If it keeps on repeating that IP on the hop, what does this mean ?

Thank you,

Cheers,

- InterentB -

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
royalblues Sun, 11/30/2008 - 22:21

This is generally caused if there is a ASA/PIX in between the paths.

When NAT is enabled in PIX 7.0, the IP addresses of the PIX interfaces and the real IP addresses of the intermediate hops cannot be seen

The destination address is displayed multiple times for each internal hop.

To make ASA/PIX showup as hop in tracert you need to apply "set connection decrement-ttl" in "global_policy" in "default_class" plus the required rules for allowing ICMP types

HTH

Narayan

InternetB Sun, 11/30/2008 - 22:35

Thank you Narayan. That is very helpful indeed.

Now for a silly question ... ;)

Apply "set connection decrement-ttl" in "global_policy" in "default_class" plus the required rules for allowing ICMP type

I presume that this is entered on the PIX firewall right ?

Pls advice,

Cheers,

- InternetB -

InternetB Sun, 11/30/2008 - 22:50

Yes, thats correct. So looks like we are working for the same company then ah ... ;).

Excellent ... :)

- InternetB -

royalblues Sun, 11/30/2008 - 22:57

Yup, I work for Mphasis, an EDS company

Mostly work on EDS-India related requirements. Worked a lot with Ruban, Nirmal, Eric in KL :-)

Have a good day

Narayan

Actions

This Discussion