Can't ping an address 1

[kmfna]

Hello all,

Recently, we split our company's network off of an older setup that contained both our company and our sister company (located across the building from us). At that point, since we were on the same network, we were easily able to access each other's reasources. Now, however, we have split them off (new trunc line, firewall, router) so, that there are actually 2 different networks in the building. This in and of itself isn't an issue, but somehow, we have lost the ability to contact their network. We have tried pinging their external IP address from our network and have timed out on every attempt (this actually goes both ways, for they cannot ping us either). This is strange, because either company can ping any other address on the internet, and from off site anyone can ping either of us....so, we are a bit confused. We think that it is a problem with the DNS on one or both sides, but aren't quite sure how.

Any ideas that you guys may have would be great.

Thanks in advance,
Kevin

- "The truth hurts, maybe not as much as jumping on a bicycle with no seat, but it hurts.

 

[smah]

I would say that the individual firewalls and/or routers are set to not return pings. If you are trying to ping by address and that fails, this particular problem has nothing to do with DNS.

 

[kmfna]

Hey,

they are set to return pings. We have actually tested repeatedly from off site (called friends from other companies and had them ping our address). This is only internal, from our network to theirs and from theirs to ours. Thanks for the response, any more ideas???

Thanks again,
Kevin

- "The truth hurts, maybe not as much as jumping on a bicycle with no seat, but it hurts.

 

[Infinity123]

If its a cisco PIX firewall ICMP is not permitted back through the firewall unless it is configured to do so. By default you can ping the interface that you are connected to. IE someone outside the company can ping your outside interface, and you internally should be able to ping the inside interface.

 

[kmfna]

that certainly makes sense....however, we are technically not going through the same firewall. There are 2 separate firewalls with 2 separate routers with 2 separate trunc lines coming in...so essentially we could be in different states as far as that goes. Am I wrong with this? We weren't sure if this could be an issue with the ISP or if it may be some strange setting that was held over when we added the new firewall/router. (when we set this back up, Our company got the new Firewall, theirs got the new router so we both kept one piece of legacy equipment) Either way, splitting the old equipment shouldn't matter, since we reconfigured the firewall....(the router didn't have to be reconfigured, since we kept the original ip range)

Thanks for the help.

Kevin

- "The truth hurts, maybe not as much as jumping on a bicycle with no seat, but it hurts.

 

[kmfna]

By the way, We can telnet into our router and ping their router or firewall and vice versa, but nothing inside the network can get out.....I'M SO CONFUSED.

- "The truth hurts, maybe not as much as jumping on a bicycle with no seat, but it hurts.

 

[Infinity123]

Try a tracert (on windows) or traceroute ( on most linux boxes to

http://www.google.com

 

[kmfna]

FINALLY, we got it. The problem was that the firewall hadn't disabled some of the old rules that were set, despite the fact that we had clicked off the "enable rule" check boxes. We went and deleted any rules that we didn't need any more and voila, it worked.

thanks to everyone for your help
Kevin

- "The truth hurts, maybe not as much as jumping on a bicycle with no seat, but it hurts.