Ideally when the ICMP is allowed in system services Ping should work. Can you please help me with the below logs so that I can further investigate the issue.
+ RSI <request support information>
+ Kindly collect the traceoptions following the below steps:
Log into the SRX device and enter the configuration mode.
+ Specify the file that debugs will be stored for 'security flow' : # set security flow traceoptions file flow-trace This sets the file that for security flow debugging to the name flow-trace.
+Set the traceoptions flag: # set security flow traceoptions flag basic-datapath This sets the traceoptions to perform the basic...
+Use filters to reduce the volume of data # set security flow traceoptions packet-filter f0 destination-prefix X.X.X.X # set security flow traceoptions packet-filter f0 source-prefix Y.Y.Y.Y + Issue the commit to apply the configuration and exit the configuration mode. Logging starts after the commit. # commit and-quit
+ Intiate the Ping and collect the outout of traceoptions:
# Show log flow-trace
[KUDOS PLEASE! If you think I earned it!
If this solution worked for you please flag my post as an "Accepted Solution" so others can benefit..]
Can you please help me with the answer of below queries :
+ Which is the hypervisor where you have deployed the vSRX and also let me know the resources allocated to the same?
+ Could you verify that the NIC have the correct VLAN configuration?
+ Also check if the promiscous mode is enabled in the port group and vswitch settings?
+ Check if you are able to ping the default gateway from vSRX or not and whether the Arp is learned or not by the command <show arp no-resolve>
+ Kindly initiate the traffic from any other source external to the vSRX and As pranita suggested can you please apply the filters matching to the traffic source and destination and collect the traceoptions ?
+ Can you copy the logs <RSI and traceoptions> from the console and attach it to the thread?
Just to inform you that vSRX is not supported on VMware Workstation 12, you might run into different unexpected issues going ahead with this deployement which might not get fixed. vSRX is only supported on ESXi 5.1, 5.5, or 6.0. you can refer the below document for the same :
I had same issue, and when i read the post that Vsrx does not work on VMWARE; I was ready to tear the whole setup apart. However, on mine it was ping that was blocked.
On my first lab i was trying vSRX with Cisco router, and didn't work so on the seperate lab i connected another 2 vSRX directly to each other and pinged didn't work; so i had to enable ping service on both vSRX. I am running vSRX on VMWARE version 14 as Qemu VMs. The regular VMware didn't work kept on giving so many errors.