Forum Discussion
NimbostratusNot able to ping
04/21/2013 01:59 AM Edit Quote Reply Alert
Hi frnds, I am not able to ping switch vlan ip address 10.192.77.67/26 From Firewall . Connectivity :- My F5 ltm is connected between cisco3750 switch and Checkpoint firewall . F5 Internal vlan is 1212 with iP ADDRESS 10.192.77.65/26 AND External Vlan is 1717 with Ip address 10.192.123.245/28 and Virtual Ip is 10.192.77.1 and Default gateway is 10.192.123.241 firewall ip address . i used vlan 1212 on switch with ip address 10.192.77.67/26 and vlan 1717 on firewall with ip 10.192.123.241/28. I am able to ping VIP 10.192.77.1 and vlan 1212 ip 10.192.77.65 from firewall. But i m not able to ping switch vlan ip 10.192.77.67 from firewall and also from switch to firewall not able to ping. On F5 vlan1212 and 1717 is in a Vlan Group, Please assite me , Am i missing some configuration on F5 ????????? Thanks & Regards
6 Replies
What_Lies_Bene1Cirrostratus
Amit, why are the two VLANs in a VLAN group? Your configuration doesn't seem to warrant it nor does it meet the features requirements.- nitass
Employee
i agree with Steve. i do not think you need vlan group.
can you remove vlan group and configure ip forwarding virtual server?
sol7595: Overview of IP forwarding virtual servers (Emulating stateless IP routing with BIG-IP LTM forwarding virtual servers section)
http://support.f5.com/kb/en-us/solutions/public/7000/500/sol7595.html 
amit_128513Hi Steve & nitass,
Thanks for reply. I am doing loadbalncing with service port numbers 59573 , 59572 and 135 between two host 10.192.77.80 and 10.192.77.81 and my Virtual ip is 10.192.77.1 for all service ports .
1) Virtual server :- 10.192.77.1
pool :-
node :- 10.192.77.80 : 59573
10.192.77.81: 59573
2) Virtual Server:-10.192.77.1
pool:-
node:- 10.192.77.80:59572
10.192.77.81:59572
3)Virtual Server:-10.192.77.1
pool:-
node:- 10.192.77.80:135
10.192.77.81:135
I am not able to ping these host Ip from external network.
NITASS ,I remove the VLan group and i am still facing this issue and know i also not able to ping my F5 VLan ip 10.192.77.65 .
Please suggest that i can do loadbalanacing as wel as i can do ping and telnet to these host ip.
Thanks & Regards
kridsanaCirrocumulus
can you tcpdump packet on internal ? to see packet is send but not receive or else- nitassI remove the VLan group and i am still facing this issue and know i also not able to ping my F5 VLan ip 10.192.77.65 .i do not think you can ping internal selfip (10.192.77.65) from external vlan.
sol3475: The BIG-IP system may not respond to ICMP ping requests for a self IP address
http://support.f5.com/kb/en-us/solutions/public/3000/400/sol3475.html
I am not able to ping these host Ip from external network.to ping host ip (10.192.77.80, 10.192.77.81), i understand you need ip forwarding virtual server. - amit_128513
Hi Nitass,
Know issue is solve by Ip Forwarding . I have done following configuration,
In the LTM GUI, browse to Virtual Servers & click "Create"..
Configure the following properties:
Destination: Network Address=0.0.0.0 Mask=0.0.0.0
Service port: 0
Type: Forwarding (IP)
Protocol: *All Protocols
VLAN Traffic: All VLANs
Thank your for youe support .
Thanks & Regards
