05-05-2011 12:52 PM
The 10.18.76.10 host is not sending any replies to the ping requests, or at least the firewall isn't seeing them.
Look at every section that starts with "****** xxxxxx.0: <Trust/bgroup0> packet received ******
Packet is always from 10.20.1.51 to 10.18.76.10. No packets come in from 10.18.76.10 to 10.20.1.51.
I would start by troubleshooting connectivity from the 10.18.76.10 host. Does it have a local host firewall enabled? Can it reach to other parts of the network and/or the internet?
If all that checks out, you can run a packet capture on the host itself and see if it's properly receiving the ping request and sending a reply out onto the wire.
05-05-2011 12:56 PM - edited 05-05-2011 01:03 PM
When I ping .10 from the SSG20 itself the server replies to the ping.
ssg20-> ping 10.18.76.10 Type escape sequence to abort Sending 5, 100-byte ICMP Echos to 10.18.76.10, timeout is 1 seconds !!!!! Success Rate is 100 percent (5/5), round-trip time min/avg/max=2/2/4 ms ssg20->
I don't think the problem is on the 10.18.76.10 server.
I think the request from 10.20.1.x network never gets forwarded to 10.18.76.10
05-05-2011 01:14 PM
The ping from the firewall is going to be sourced from the firewall's interface, which is on the same subnet as the host.
Most default rules for host firewalls allow pings/traffic from the local subnet, but not from other subnets.
Furthermore, something as simple as a bad default gateway or subnet mask configuration could cause similar problems. The firewall pinging the host happens at layer 2. The other host pinging the target host requires layer 3.
I've given some suggestions to help you track down the issue...
05-05-2011 01:28 PM
I have logged into the server at .10 and confirmed it can reach the internet just fine. The Default Gateway is correct. Subnet mask is correct. Firewall is disabled.
05-05-2011 02:30 PM
Best I can suggest at this point is to capture traffic at the 10.18 host, and compare it to what you see using debug flow and also try "snoop" on the firewall.
The replies are getting lost somewhere... just have to find out where/why.