cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1513
Views
0
Helpful
8
Replies

unsuccessful in tracert to gateway

srikanth ath
Level 4
Level 4

Hi experts

here i have problem when i telnet from different switches to sonicwall gateway 10.10.10.1

here i have provided  all possible attacehed files for the troubleshoot.

my network set up in short and dirty way

branch office(vlan99)-------------fibre-----------------L3switch(main office)--------sonicwallfirewall-----internet

when i try to ping and tracert to sonicwall gateway 10.10.10.1, here is the response

1. from L3switch ping fine            traceroute not reaching gateway

2. from branch office i have 3 L2 switches all in vlan99

    ping is fine                             traceroute not reaching gateway of sonicwall

below attached files i have provided the network diagram(the vlan inf. provided is wrong in the diagram)

can you please guide me on this..

THanks & regards

srikanth

8 Replies 8

srikanth ath
Level 4
Level 4

Need support of u guys..

do i have to provide more information, other than above.

Thanks & regards

srikanth

Hi,

don't forget the traceroute in IOS is not implemented like in Windows.It is sending  UDP packets with increasing TTL to a high port number and the destination should respond with a icmp port-unreachable message.

So the problem surely lies on the SonicWall device.

Regards.

Alain

Don't forget to rate helpful posts.

Check SonicWall FW antispoofing.

Hi alain..

can you explain me this clearly i dint understand somehow in a technical way.

It is sending  UDP packets with increasing TTL to a high port number and the destination should respond with a icmp port-unreachable message

Thanks & regards

srikanth

Hi,

Cisco uses the same implementation as Unix/linuxes

http://ccie20728.wordpress.com/2008/12/01/ciscos-traceroute-implementation/

Windows Implementation on the contrary only relies on icmp echo-requests to do the traceroute.

Regards.

Alain.

Don't forget to rate helpful posts.

HI alain

thanks for the explanation

when i ping from L3 switch to Sonicwall . the packets are dropped and achieved 99% success.

Type escape sequence to abort.

Sending 1000, 100-byte ICMP Echos to 10.10.10.1, timeout is 2 seconds:

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!

Success rate is 99 percent (996/1000), round-trip min/avg/max = 1/1/51 ms

Switch#

and the reason behind this. sorry if im giving u pain.

thanks

srikanth

Hi,

Maybe  icmp rate-limiting on the Soniwall.

Regards.

Alain

Don't forget to rate helpful posts.

sleepyshark
Level 1
Level 1

Need a little more troubleshooting information to help on this, please provide the following:

  • What subnet/VLAN is your L3 switches on?
  • What subnet are your computers on?
  • Are you able to ping PAST the sonicwall (externally)
  • If your computers are not on the same subnet as your Sonicwall, do you have the appropriate routing for the additional subnet added?
  • Can you see ICMP traffic on the Sonicwall packet monitors?

I am very intimately involved with Sonicwall and their quarks - this is most likely NOT a cisco issue, but a Sonicwall issue and sonicwall doesn't make things very easy to troubleshoot/fix....

Thanks,

Sean Brown (sean@sleepyshark.com)

voice: 212.760.1700 x7001

Wanna learn more about me? Check out my bio

Follow me on LinkedIn

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco