Cisco Support Community
Community Member



     plz guide me . I am working in a HeadOffice  of an organisation. having HUB-SPOKE network topology having several branches in remote area. MPLS VPN Link is given by the ISP. . i have put on symatice server inside the organisation having different ip address . series is 10.1.x.x  where as on HUB (headoffice vpn router)lan ip address is 10.240.x.x and remote branches  address is 10.240.y.y   . i'm able to ping the branches ip address and also symantic server ip address 10.1.x.x from hub router. but i'm unable to ping form branches router.  when i trace it .it come to my hub router lan after that it die.  please guide me .how i cant make my symantic server able to ping from branches. does NATTING will resolve the issue . as ip address is different .Plz reply .thankx in advance. 

Cisco Employee

Hi Mukesh, From description,

Hi Mukesh,


From description, Am I assuming right that server with address 10.1.x.x is sitting in your hub site which is not reachable from your branch routers?.


Since a trace from branch is successful till hub router, it might be that server (or other intermittent device) doesnt have reachability back to branch router (assuming you dont have FW or ACL policies blocking it).


Is the server connected to Hub router (with 10.240.x.x address) via L2 network?. (In other words, is the server using Hub router as default GW?.)



Community Member

there is fw between hub

there is fw between hub router and my symantic server.  hub lan ip address is 10.240.x.x and firwall ip address is 10.240.x.x+1.  default route on hub router is configure for pe as well as to firewall ip address 10.240.x.x+1. firewall lan ip address is 10.1.x.x   inside which my server is implement. if there is issue in firwall .how to reslove it .as my symatic is able to ping hub lan ip bypassing fw.also it reaches to braches (spoke router ) lan ip address .plz suggest me 

CreatePlease to create content