gotta really wierd problem...
configured for DHCP
eth1/2 Layer 3 IP address 10.130.8.25/24
default route via eth 1/2
eth1/2 connected to port on CISCO 2960S switch
PC connected to port on same CISCO 2960S switch
IP config IP Address. . . . . . . . . . . . : 10.130.8.151
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Default Gateway . . . . . . . . . : 10.130.8.25
Switch config..... interface Vlan1 ip address 10.130.8.20 255.255.255.0
and also ip default-gateway 10.130.8.25
all interfaces are in this default vlan1
PC gets IP address from PA ok
PC can ping switch IP 10.130.8.20
PC cannot ping PA eth 1/2 10.130.8.25
PA has 1 rule ANY ANY ALLOW
COnsole access to PA and cannot ping switch at 10.130.8.20
LAN does not seem to be up in PA 200....
appreciate any help...problem is driving me insane
Solved! Go to Solution.
Have you done a debug icmp trace on the cisco switch to see if the packets are making it to the switch? make sure to do a term mon and logging console or monitor on the cisco switch.
change the rule on the pa to deny any any and then check the PA traffic log to see if it's registering ICMP requests from your PC or Switch.
In order to ping the firewall's interface, you'll need to attach a management profile allowing ping. Create a new management profile with ping enabled on the Network Tab > Network Profiles > Interface Mgmt page and then select this management profile on ethernet1/2's interface configuration page.
When you perform the ping operation on the firewall, be sure to specify the source interface IP address that is capable of reaching the switch's IP of 10.130.8.20. So the command would be "ping source 10.130.8.25 host 10.130.8.20". Without specifying a source, the firewall will default to using the IP address assigned to the dedicated management port. I'm guessing that your management port cannot reach the 10.130.8.0/24 subnet.
Click Accept as Solution to acknowledge that the answer to your question has been provided.
The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!
These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the Live Community as a whole!
The Live Community thanks you for your participation!