i replaced a server1 but used the same ip. used a different name. now i can only connect to it in my building. from switches at the other campuses, they resolve the name to the correct ip but cannot ping the ip. the router resolves and pings it fine, but all the switches at the different campuses cant ping it.any advice ideas???
it is a brand new server with basic config from dell. not for sure on the fw being turned on.
yes i can ping every server except this one from any switch.
well, make sure the server have correct defaul gateway and mask, also check the switchport settings such as speed duplex and vlan assigments the server should be under, have you checked all these ?
 also check the server is not doing any kind of teaming, or if it is to be properly configured.
yes all the config on the server is good,subnet,gateway,ect. it is the mailfilter running mimesweeper. which is working perfectly, except the PMM sends emails to users at the campuses with a url to view their spam. it doesnt connect. but works perfect within the building. all the config is exactly the same as the old server but the name. was mailfilter, now mailfilter2. ip and all config the same.
something must be blocking icmp and port 80 withing the server or some other acl on a router in the building, you indicated server config is good and sends emails, but accept no http connections or pings, can other servers in the same segment mailfiler2 is under ping and http to it? can you check these .
yes from my pc in the same segment can ping it,remote to it, connect to the http. so can everyone else within the inside the building.
so nothing should be blocked on the server. could any firewall config effect anything?
sounds like firewall to me , are you certain there are not firewalls rule policy throughout the campus network , whats your network topology, is the building a branch connecting to a core network at another building where there may be firewalls?
 any proxy servers outside building
i am in the main building with the core network where the firewall is. the other campuses dont have any firewall there.we just have the one firewall. i didnt think they went through the firewall to get back to the main building, ithink they come back in through the router. i am new to this network,thrown into the lions with no documentation. and i do appreciate your help with this
I've been in that detective situation, can you look fw logs to rule it out, incidently , are you using the same IP address from old server or new IP address.
Look in the router for any acls, I have seen acls put in even from within trustet networks.
and don't worry, forum is here to help whenever we can.. and still thinking till run out of ideas.
i am using the same ip but different server name. saw this in the firewall config:
name x.x.x.x mailfilter
static (inside,outside) tcp x.x.x.x smtp mailfilter smtp netmask 255.255.255.255 0 0
the new server has the same ip but named mailfilter2.
i couldnt put a no infront of the static line to delete it.
I do not think it would be the firewall because if you are using the same IP and there were any rules bound to it , it would go through, fw would not not check name but rather IP . Is this an ASA ? any logs you can see like denies, can you also look at the core router where VLANs are configired for ALL other building comming to yours.
yeah thats why i used the same ip address to try to avoid having to change any firewall and router configs. sounded good in theory
is it possible the switches are still associating the ip address with the mac address of the old server?
what comes in mind would be a transparent firewall using acl to control mac addresses ,
any chances there would be fwsm in your core switch?, I bet your problem is a simple one to resolved eating both, it just does not make any sence other buildings can access other servers withing the same segment but not this one.. hope someone jumps in with other suggestions..
login to your switches as well as your CORE switches, look at configs for any mac-base acls
issue " show access-list " or " show run " to see config.
 If you have a CATOS core switch also issue' show module" and see if there is any fwsm.
i was looking at the configs earlier today i dont remember seeing anything with any mac addresses in them.
when i did a sh ip arp from the router it showed the right ip with the right mac address.
if you connect to a remote router from another building from that router can you ping the server , or do a trace route to see if trace goes throught.
yes from the routers i can tracroute straight to it, but a traceroute from the switch and it hops to the router then never finds anything just
1 router ip
2 * * *
3 * * *
Brad, any updates on this? or are you still searching solution.. I suspect there must be some kind access policy beween remote buildings and your building.. let us know what the outcome was.