- Posts: 80
- Thank you received: 0
DMZ and Ping issue when changing ip address for a server
17 years 10 months ago #19186
by zillah
DMZ and Ping issue when changing ip address for a server was created by zillah
I have got a media server 2003 installed in DMZ zone (Cisco PIX 525) , with an ip address 192.168.101.204/24, it was able to ping other servers (sql server , help server, etc ) which are in DMZ zone as well. Basically all servers are in DMZ area
Recently this media server is not able to ping these servers (sql server , help server, etc) , I do not why, but if I changed the ip address (last octet only) for this media server to 192.168.101.222 , it would be able to ping other servers (sql server , help server, etc).
There is no firewall on the media server and there is no firewall on the other servers as well.
All servers have got win2003 OS.
The error message for ping is : timed out
This is no entry with our cisco PIX for both IP addresses 192.168.101.204 and 192.168.101.222
Recently this media server is not able to ping these servers (sql server , help server, etc) , I do not why, but if I changed the ip address (last octet only) for this media server to 192.168.101.222 , it would be able to ping other servers (sql server , help server, etc).
There is no firewall on the media server and there is no firewall on the other servers as well.
All servers have got win2003 OS.
The error message for ping is : timed out
This is no entry with our cisco PIX for both IP addresses 192.168.101.204 and 192.168.101.222
17 years 10 months ago #19187
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: DMZ and Ping issue when changing ip address for a server
Hi there,
Is the subnet masks correct on all servers ? Have you moved the UTP Cable to a different switch port that is in a different VLAN (if you are VLAN'ing) ?
Can you ping the Pix Interface ?
Cheers
Wayne
Is the subnet masks correct on all servers ? Have you moved the UTP Cable to a different switch port that is in a different VLAN (if you are VLAN'ing) ?
Can you ping the Pix Interface ?
Cheers
Wayne
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
17 years 10 months ago #19192
by zillah
Replied by zillah on topic Re: DMZ and Ping issue when changing ip address for a server
YesIs the subnet masks correct on all servers ?
There is no VLAN.Have you moved the UTP Cable to a different switch port that is in a different VLAN (if you are VLAN'ing) ?
YesCan you ping the Pix Interface ?
17 years 10 months ago #19193
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: DMZ and Ping issue when changing ip address for a server
Can ya do an ipconfig /all on two of the servers and also list the arp cache and routing tables.
Please post here
Cheers
Please post here
Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
17 years 10 months ago #19223
by zillah
Replied by zillah on topic Re: DMZ and Ping issue when changing ip address for a server
I forgot to tell you that we have got two cisco switches in dmz zone 3550, and both of them as connected to each other. The servers in MDZ are spreaded between these two switches.Can ya do an ipconfig /all on two of the servers and also list the arp cache and routing tables. Please post here
17 years 10 months ago #19224
by Smurf
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Replied by Smurf on topic Re: DMZ and Ping issue when changing ip address for a server
Hi there,
That should be fine since you are not using multiple VLAN's otherwise you would need to setup a VLAN Trunk.
So are you saying that machines on one switch cannot ping machine on the other switch ? I thought all machine could ping the Pix Interface ?
Can you provide the other details listed in the last post to help try and identify the issue ?
Cheers
That should be fine since you are not using multiple VLAN's otherwise you would need to setup a VLAN Trunk.
So are you saying that machines on one switch cannot ping machine on the other switch ? I thought all machine could ping the Pix Interface ?
Can you provide the other details listed in the last post to help try and identify the issue ?
Cheers
Wayne Murphy
Firewall.cx Team Member
www.firewall.cx
Now working for a Security Company called Sec-1 Ltd in the UK, for any
Penetration Testing work visit www.sec-1.com or PM me for details.
Time to create page: 0.146 seconds