Why can't I ping the default gateway???

[CaspaMcNasty]

Hi,
Our intranet server which is on it's own subnet of our network cannot ping any addresses on our whole network including its own default gateway (to which it is directly attched via a crossover cable). Subsequently I cannot do any nslookups and tracerts or anything, it seems to be completely cut off. BUT.... every other machine on our network including the default gateway can ping the intranet server and subsequently see the intranet site. Why? My colleague and I have been trying to figure this out for 3 days now. He seems to think it is due to the intranets gateway being our firewall and reckons that some rules are missing but he can't figure out what.

Does anyone know what I'm babbling about?
If so, please help!!

Cheers
CaspaMc

 

[ReddLefty]

It might be a good idea to post your actuall network settings for the machines... it strangely sounds like a networking configuration issue. this would fit the symptoms, like one way communications. The scenario I'm thinking (this is if you don't have any firewall rules setup blocking IP). It almost seems as your gateway does not know where to send the packets leaving your Intranet Server towards your network. (DMZ to LAN closed?)



"In space, nobody can hear you click..."

 

[CaspaMcNasty]

Hi,

here is some network settings and diagnostics (sorry, its a bit long)

here is the ipconfig of the intranet server...

Windows 2000 IP Configuration
Host Name . . . . . . . . . . . . : abc-intranet
Primary DNS Suffix . . . . . . . : abc.local
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : abc.local

Ethernet adapter Local Area Connection:
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Compaq NC3163 Fast Ethernet NIC
Physical Address. . . . . . . . . : 00-08-02-55-4D-4F
DHCP Enabled. . . . . . . . . . . : No
IP Address. . . . . . . . . . . . : 192.168.2.2
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 192.168.2.1
DNS Servers . . . . . . . . . . . : 10.100.100.2
10.100.100.4
Primary WINS Server . . . . . . . : 10.100.100.2

And here are the results of pinging the default gateway and an nslookup...
----------------
ping 192.168.2.1
Pinging 192.168.2.1 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.

Ping statistics for 192.168.2.1:

Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms

----------------
nslookup abc-firewall

DNS request timed out.
timeout was 2 seconds.
DNS request timed out.
timeout was 2 seconds.
Server: UnKnown
Address: 10.100.100.2

DNS request timed out.
timeout was 2 seconds.
-----------------------------

 

[ReddLefty]

Is your gateway also your firewall and router?(as in abc-firewall)? It could simply mean that your gateway doesn't answer to PINGs on that Network Interface.... The setup looks fine as far as IP's are concerned.

It really looks like the router/firewall is not letting traffic from the DMZ go to the LAN... at least, not DNS( Port 53) or PING (port: xx) in any case.

To be sure, you should also post your layout... as in DMZ goes to Gateway, LAN goes to same gateway, different NIC, and so on...






"In space, nobody can hear you click..."

 

[minxca]

Could you post your Gateway IP config?

thanks,