Cannot ping CentOS 6.4 invited Windows 7 host through NAT
Hello
I am running VMware Workstation 9.02 on Windows 7 (64 bit) with customers running CentOS (also 64 bit) 6.4, using NAT networking.
Everything worked fine, but suddenly I can reach is no longer the guest computers CentOS network NAT. Ping the address of the guest PC from the command-line on the host computer Windows 7 fails with a 'Request timed.' error out. However, the guest operating system still seems to be able to connect to the Internet (i.e. Ping google.com from a command-line in the CentOS prompt seems to have reached the site).
I don't know what has changed in the State of the Windows host. I tried to re-setup of VMware, but nothing seems to restore connectivity between a Windows host and the guest of CentOS operating system. Can anyone suggest what could be bad, or how I can start to debug the loss of connectivity on the side Windows?
I'm using a Kaspersky firewall on the Windows 7 host, but it never prevented connectivity with VMware customers before.
Thank you
Tony
If the virtual machine has a network/Internet connectivity so I doubt it is a matter of VMware itself and it is most likely a firewall issue. Check and make sure that all firewalls do not block ICMP (ping) echo requests on the host and the guest.
Tags: VMware
Similar Questions
-
Cannot ping a virtual machine, except on the host computer.
I have a host of SuSE, built on a chassis of IBM. It has a link for the failover interface. It has an IP of 10.10.138.196. SM 255.255.255.128. DG 10.10.138.129. I can ping this machine without problem. On that note, I have a virtual machine of SuSE. It has the same mask and gateway with an IP address of 10.10.138.197. It can ping the host (196) and the host can it ping. However, he cannot ping to the gateway by defaut.129. He receives a message Impossible to its own virtual interface. I have installation bridged networking early with no luck.
I tried to change the DG on the guest a.196. I have installation routes by default, and specific directions to 10.10.138.129 on the host and the guest without success. I talked to a few colleagues and they are not of course either. I need this available, so it can be used for a variety of applications.
You will not see a virtual NETWORK adapter for bridged interface, only for NAT and the host-only networking. There will be a device/dev/vmnet0, but that is not actually used to fill itself.
Your problem is that your bridged interface is bound to the wrong card on the host: it must be related to "bond0" not "eth0". You will need to re - run /usr/bin/vmware-config.pl to address which forces all running VMs to be stopped.
---
If you have found this device or any other answer useful please consider the use of buttons useful or Correct to award points.
-
Cannot ping between virtual servers on the same host
I have a 5 ESXi host with 3 virtual copies of Windows Server 2008R2 running on them. The ESXi host is connected to my switch, which has the Windows 2008 R2 DC to my test network and my laptop management with VSphere branch above as well. I can ping host, mobile and ad server of each of the individual virtual servers and can ping and RDP for all 3 from other devices not on that host, but I cannot communicate between the three. I have Windows Firewall disabled on all three. I have no firewall, and all machines have an IP address in the 10.0.0.X range I deleted then recreated the only virtual switch on the host on which appear all 3. I've been VERY frustrated for the last 3 days on it. Why my virtual machine cannot talk to each other?
When you have registered virtual machines in ESX you selected moved VM or Coiped VM? Go to editing parameters and watch the MAC addresses. My guess is that if you copied power (including the vmx files) then the MAC address is the same for all virtual machines. You can stop the machine and change for a MAC address mac address. You can also remove the network adapters, one of each, and then add the new network cards. Remember to reconfigure the IP addresses on the box and remove the ghost network maps after doing this.
Check this KB to change the mac address.
http://KB.VMware.com/selfservice/microsites/search.do?language=en_US&cmd=displayKC&externalID=507
Also, can you connect to the switch and look at the ARP table and see if the system VMs register here.
-
Hello
I can't reach my host. What could be the problem?
I am using Vmware Server 2.0.1 Build 156745
Host: Windows XP Professional sp2
IP:192.168.146.1 host (vmnet1)
Hardware: Computer laptop Dell 630
Comments: Linux
CentOS 2.16.0
GuestIP:192.168.146.120
Comments cannot ping the host
Host cannot ping the prompt
I tried to configure the nat and the host only to connect. Nat could also be able to reach the external pages.
I appreciate any ideas
Is the fixed prompt on DHCP or IP?
What network cards do you have on the host and bridged (vmnetcfg.exe run as administrator)?
Is the physical card on the guest living/connected - sometimes to the life of a card NETWORK disconnected will no connectivity in the guest?
Have you recently changed the VMware network in the host? If so, you will need to restart the VMware services or reboot the host.
Is there a firewall clutter it?
Is the card NETWORK connected to the prompt - it shouldn't be a red cross on the network icon in the list of the material in the center of the console pane when the virtual machine is selected in the left pane?
The MAC address or virtual and physical adapters in the host and the single guest, that is not duplicated?
If all this pans, can be helpful to remove the NETWORK card in the prompt and add a. Also, what type of NETWORK adapter is it in the guest - 'flexible' or 'e1000 '? Should be 'flexible' for Linux - post (tie) the .vmx doubt customers.
--
If you have found this device or any other answer useful please consider the use of buttons useful or Correct to award points.
-
Cannot ping virtual machine Windows 7 vm Server 2012 [Server R2 2012]
Hi all
I'm not sure that this is a vmware workstation or server 2012 r2 problem, but I would still ask thought.
I have a 2012 r2 vm server and win 7 vm in a ' host-only: a private network, shared with the host country "network connection.
I can ping the server vm win7, but cannot ping the ""Server the VM win7 ". "
But when I point the win7 dns on the server 2012R2 (that has AD and DNS configured) I can join the virtual machine Windows 7 announcement.
Its totally weird
Whenever I try to win7 from the ping server, it says "Request Timed Out".
Does anyone know how can I fix?
I'm using VMWare Workstation 11
Thank you
Post edited by: Michael Hilburt
Is there a way to get pings without demeaning the whole firewall?
https://TechNet.Microsoft.com/en-us/library/cc972926%28V=WS.10%29.aspx?f=255&MSPPError=-2147217396
-
Hi all:
I have a strange problem of networking that VMware technical support has not been able to help.
Summary of the problem: comments cannot ping host unless the host is a ping command, while the guest is ping to the host
Details of the problem: I have intalled VMware Workstation 6.5.2 on the host Windows Vista Edition Home Premium (SP1). I installed several guests, including Ubuntu 8.04, openSUSE 11, Win XP and Win 2000. All guests use "bridged" network. The host has a static IP address. All guests have DHCP. All these people have the same problem - they cannot ping the host. It simply returns "Destination unreachable". However, if I run a ping from the host (it didn't ping the same customer, any ip address on the network) while the guest is ping to the host, and then will cross ping of the guest. For the next two minutes, the guest will be able to ping the host without any problem (without 'help' of the host). Then the guest will again be able ping on the host and you will have to repeat the same process. Quite strange, isn't? Another problem, I can access the internet from the hosts and guests can ping each other. (I can't access the printer connected to the host. However if the guest can ping on the host, then it can also access the printer as well.) I tried everything but still can't find the root cause of the problem. Here is a list of the things I've tried:
1. tried VMware Workstation 6.5.2 on a Windows XP computer on the same network (equipped with a wireless card intel) and did NOT have this problem.
2. firewalls, antivirus software, VPN clients, etc. were all off. It did not help.
3. the problem disappears if I use the wired Ethernet connection
4. the current wireless adapter is a D-Link, but I also tried with a Linksys Wireless card and had the same problem
5. the same problem exists also for VMware 6.5.1
6. I have installed the software VirtuaBox VM from Sun and installed the same comments from Ubuntu on the same host. The problem goes away!
7. I also tried the "NAT" networking and had the same problem.
8. I also tried DHCP for host and had the same problem.
I've tried everything I can think of and nothing seemed to help. I have filed a request for assistance with VMware tech and traded a few emails with the support guy but have not heard from him for a few days. I would really appreciate if someone can offer a few ideas to help solve this problem. I'm not a networking guru, but I'm a software engineer, so you can talk to me in technical terms.
Thank you in advance.
Yes! as noted above, it is the arp tables.
my router is assigned the same IP address for the host computer and the guest, so as soon as you ping from your host prompt, the mac and ip is back in the arp (invites) tables and from there he will communicate via newly assigned ARP table. You can check this scathing the hostname and it will be the same ip address as your guest (in my case)
I then googled arp vmware and discovered that it is familir with chipset broadcom and vmware behavior.
ARP - a displays the tables,
ARP s 00-00-00-00-00-00 192.168.x.xxx - assign the IP address to a MAC address.
I hope this helps.
-
Once the VPN connection is established, cannot ping or you connect other IP devices
Try to get a RV016 installed and work so that people can work from home. You will need to charge customers remote both WIN XP and MAC OS X.
Have the configured router and works fine with the VPN Linksys client for WIN XP users. Can connect, ping, mount the shared disks, print to printers to intellectual property, etc.
Can connect to the router fine with two VPN clients third 3 for Mac: VPN Tracker and IPSecuritas. However, once the connection is established, cannot ping the VPN LinkSYS router or any other IP address on the LAN Office. Turn the firewall on or off makes no difference.
Is there documentation anywhere that describes how the LinksysVPN for Windows Client communicates so these can be replicated in 3rd VPN clients from third parties for the Mac in OS X?
The connection with IPSecuritas and VPN Tracker is performed using a shared key and a domain name. It is not a conflict of IP address network between the client and the VPN 192.168.0.0/24 network.
VPN Tracker and IPSecuritas are able to connect to the routers CISCO easy VPN with no poblem.
Any ideas on how to get the RV016 to work for non-Windows users?
We found and fixed the problem, so using VPN Tracker or current IPSecuritas on OS X people have access to the LAN via the RV016 machines. The "remote networks" in the screen BASE in VPN Tracker has been set on the entire subnet: 192.168.0.0/255.255.255.0 the in the RV016 has been set to the IP of 192.168.0.1 to 192.168.0.254 range. Even if the addresses are essentially the same, without specifying the full subnet in the RV016 has allowed the connection to do but prevented the VPN client machine to connect because the RV016 would pass all traffic to the Remote LAN. Change the setting of 'local group' in RV016 settings in the screen "VPN/summary/GroupVPN', 'Local Group Zone' for the subnet 192.168.0.0/24 full solved the problem.
-
Peer AnyConnect VPN cannot ping, RDP each other
I have an ASA5505 running ASA 8.3 (1) and ASDM 7.1 (1). I have a remote access VPN set up and remote access users are able to connect and access to network resources. I can ping the VPN peers between the Remote LAN. My problem counterparts VPN cannot ping (RDP, CDR) between them. Ping a VPN peer of reveals another the following error in the log of the SAA.
Asymmetrical NAT rules matched for flows forward and backward; Connection for icmp outside CBC: 10.10.10.8 outside dst: 10.10.10.9 (type 8, code 0) rejected due to the failure of reverse NAT.
Here's my ASA running-config:
ASA Version 8.3 (1)
!
ciscoasa hostname
domain dental.local
activate 9ddwXcOYB3k84G8Q encrypted password
2KFQnbNIdI.2KYOU encrypted passwd
names of
!
interface Vlan1
nameif inside
security-level 100
IP 192.168.1.1 255.255.255.0
!
interface Vlan2
nameif outside
security-level 0
IP address dhcp setroute
!
interface Ethernet0/0
switchport access vlan 2
!
interface Ethernet0/1
!
interface Ethernet0/2
!
interface Ethernet0/3
!
interface Ethernet0/4
!
interface Ethernet0/5
!
interface Ethernet0/6
!
interface Ethernet0/7
!
passive FTP mode
clock timezone CST - 6
clock to summer time recurring CDT
DNS lookup field inside
DNS server-group DefaultDNS
192.168.1.128 server name
domain dental.local
permit same-security-traffic inter-interface
permit same-security-traffic intra-interface
network obj_any object
subnet 0.0.0.0 0.0.0.0
network of the RAVPN object
10.10.10.0 subnet 255.255.255.0
network of the NETWORK_OBJ_10.10.10.0_28 object
subnet 10.10.10.0 255.255.255.240
network of the NETWORK_OBJ_192.168.1.0_24 object
subnet 192.168.1.0 255.255.255.0
access-list Local_LAN_Access note VPN Customer local LAN access
Local_LAN_Access list standard access allowed host 0.0.0.0
DefaultRAGroup_splitTunnelAcl list standard access allowed 192.168.1.0 255.255.255.0
Note VpnPeers access list allow peer vpn ping on the other
permit access list extended ip object NETWORK_OBJ_10.10.10.0_28 object NETWORK_OBJ_10.10.10.0_28 VpnPeers
pager lines 24
Enable logging
asdm of logging of information
logging of information letter
address record [email protected] / * /
exploitation forest-address recipient [email protected] / * / level of information
record level of 1 600 6 rate-limit
Outside 1500 MTU
Within 1500 MTU
mask 10.10.10.5 - 10.10.10.10 255.255.255.0 IP local pool VPNPool
ICMP unreachable rate-limit 1 burst-size 1
ASDM image disk0: / asdm - 711.bin
don't allow no asdm history
ARP timeout 14400
NAT (inside, all) static source all electricity static destination RAVPN RAVPN
NAT (inside, outside) static static source NETWORK_OBJ_10.10.10.0_28 destination NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_10.10.10.0_28
NAT (inside, outside) static source all all NETWORK_OBJ_10.10.10.0_28 of NETWORK_OBJ_10.10.10.0_28 static destination
!
network obj_any object
NAT dynamic interface (indoor, outdoor)
network of the RAVPN object
dynamic NAT (all, outside) interface
Timeout xlate 03:00
Timeout conn 01:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
Sunrpc timeout 0:10:00 h323 0:05:00 h225 mgcp from 01:00 0:05:00 mgcp-pat 0:05:00
Sip timeout 0:30:00 sip_media 0:02:00 prompt Protocol sip-0: 03:00 sip - disconnect 0:02:00
Timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
timeout tcp-proxy-reassembly 0:01:00
dynamic-access-policy-registration DfltAccessPolicy
Enable http server
http 192.168.1.0 255.255.255.0 inside
No snmp server location
No snmp Server contact
Community SNMP-server
Server enable SNMP traps snmp authentication linkup, linkdown cold start
Crypto ipsec transform-set ESP-AES-256-MD5 esp-aes-256 esp-md5-hmac
Crypto ipsec transform-set ESP-DES-SHA esp - esp-sha-hmac
Crypto ipsec transform-set esp-SHA-ESP-3DES-3des esp-sha-hmac
Crypto ipsec transform-set ESP-DES-MD5 esp - esp-md5-hmac
Crypto ipsec transform-set ESP-AES-192-MD5 esp-aes-192 esp-md5-hmac
Crypto ipsec transform-set ESP-3DES-MD5-esp-3des esp-md5-hmac
Crypto ipsec transform-set ESP-AES-256-SHA 256 - aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-SHA aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-192-SHA esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-MD5-esp - aes esp-md5-hmac
Crypto ipsec transform-set ESP-AES-128-SHA-TRANS-aes - esp esp-sha-hmac
Crypto ipsec transform-set ESP-AES-128-SHA-TRANS mode transit
Crypto ipsec transform-set ESP-DES-SHA-TRANS esp - esp-sha-hmac
Crypto ipsec transform-set ESP-DES-SHA-TRANS mode transit
Crypto ipsec transform-set ESP-AES-192-SHA-TRANS esp-aes-192 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-192-SHA-TRANS mode transit
Crypto ipsec transform-set ESP-AES-256-SHA-TRANS esp-aes-256 esp-sha-hmac
Crypto ipsec transform-set ESP-AES-256-SHA-TRANS mode transit
Crypto ipsec transform-set ESP-3DES-SHA-TRANS esp-3des esp-sha-hmac
Crypto ipsec transform-set ESP-3DES-SHA-TRANS mode transit
life crypto ipsec security association seconds 28800
Crypto ipsec kilobytes of life - safety 4608000 association
Crypto dynamic-map SYSTEM_DEFAULT_CRYPTO_MAP 65535 value transform-set ESP ESP-AES-128-SHA ESP - AES - 192 - SHA ESP - AES - 256 - SHA ESP - 3DES - SHA - OF - SHA ESP - AES - 128 - SHA - TRANS ESP - AES - 192 - SHA - TRANS ESP - AES - 256 - SHA - ESP ESP - 3DES - SHA - TRANS TRANS-DES - SHA - TRANS
outside_map card crypto 65535-isakmp dynamic ipsec SYSTEM_DEFAULT_CRYPTO_MAP
outside_map interface card crypto outside
trustpoint crypto ca-CA-SERVER ROOM
LOCAL-CA-SERVER key pair
Configure CRL
Crypto ca trustpoint ASDM_TrustPoint0
registration auto
name of the object CN = ciscoasa
billvpnkey key pair
Proxy-loc-transmitter
Configure CRL
crypto ca server
CDP - url http://ciscoasa/+CSCOCA+/asa_ca.crl
name of the issuer CN = ciscoasa
SMTP address [email protected] / * /
crypto certificate chain ca-CA-SERVER ROOM
certificate ca 01
* hidden *.
quit smoking
string encryption ca ASDM_TrustPoint0 certificates
certificate 10bdec50
* hidden *.
quit smoking
crypto ISAKMP allow outside
crypto ISAKMP policy 10
authentication crack
aes-256 encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 20
authentication rsa - sig
aes-256 encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 30
preshared authentication
aes-256 encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 40
authentication crack
aes-192 encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 50
authentication rsa - sig
aes-192 encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 60
preshared authentication
aes-192 encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 70
authentication crack
aes encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 80
authentication rsa - sig
aes encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 90
preshared authentication
aes encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 100
authentication crack
3des encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 110
authentication rsa - sig
3des encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 120
preshared authentication
3des encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 130
authentication crack
the Encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 140
authentication rsa - sig
the Encryption
sha hash
Group 2
life 86400
crypto ISAKMP policy 150
preshared authentication
the Encryption
sha hash
Group 2
life 86400
enable client-implementation to date
Telnet 192.168.1.1 255.255.255.255 inside
Telnet timeout 5
SSH timeout 5
Console timeout 0
management-access inside
dhcpd outside auto_config
!
dhcpd address 192.168.1.50 - 192.168.1.99 inside
dhcpd allow inside
!
a basic threat threat detection
threat detection statistics
a statistical threat detection tcp-interception rate-interval 30 burst-400-rate average rate 200
SSL-trust outside ASDM_TrustPoint0 point
WebVPN
allow outside
SVC disk0:/anyconnect-win-3.1.04072-k9.pkg 1 image
SVC profiles DellStudioClientProfile disk0: / dellstudioclientprofile.xml
enable SVC
tunnel-group-list activate
internal-password enable
chip-tunnel list SmartTunnelList RDP mstsc.exe windows platform
internal DefaultRAGroup group strategy
attributes of Group Policy DefaultRAGroup
Server DNS 192.168.1.128 value
Protocol-tunnel-VPN l2tp ipsec
Split-tunnel-policy tunnelspecified
value of Split-tunnel-network-list DefaultRAGroup_splitTunnelAcl
Dental.local value by default-field
WebVPN
SVC value vpngina modules
internal DefaultRAGroup_1 group strategy
attributes of Group Policy DefaultRAGroup_1
Server DNS 192.168.1.128 value
Protocol-tunnel-VPN l2tp ipsec
Dental.local value by default-field
attributes of Group Policy DfltGrpPolicy
Server DNS 192.168.1.128 value
VPN - 4 concurrent connections
Protocol-tunnel-VPN IPSec l2tp ipsec svc webvpn
value of group-lock RAVPN
value of Split-tunnel-network-list Local_LAN_Access
Dental.local value by default-field
WebVPN
the value of the URL - list DentalMarks
SVC value vpngina modules
SVC value dellstudio type user profiles
SVC request to enable default webvpn
chip-tunnel enable SmartTunnelList
wketchel1 5c5OoeNtCiX6lGih encrypted password username
username wketchel1 attributes
VPN-group-policy DfltGrpPolicy
WebVPN
SVC value DellStudioClientProfile type user profiles
username privilege 15 encrypted password 5c5OoeNtCiX6lGih wketchel
username wketchel attributes
VPN-group-policy DfltGrpPolicy
WebVPN
modules of SVC no
SVC value DellStudioClientProfile type user profiles
jenniferk 5.TcqIFN/4yw0Vq1 of encrypted password privilege 0 username
jenniferk username attributes
VPN-group-policy DfltGrpPolicy
WebVPN
SVC value DellStudioClientProfile type user profiles
attributes global-tunnel-group DefaultRAGroup
address pool VPNPool
LOCAL authority-server-group
IPSec-attributes tunnel-group DefaultRAGroup
pre-shared key *.
tunnel-group DefaultRAGroup ppp-attributes
PAP Authentication
ms-chap-v2 authentication
eap-proxy authentication
type tunnel-group RAVPN remote access
attributes global-tunnel-group RAVPN
address pool VPNPool
LOCAL authority-server-group
tunnel-group RAVPN webvpn-attributes
enable RAVPN group-alias
IPSec-attributes tunnel-group RAVPN
pre-shared key *.
tunnel-group RAVPN ppp-attributes
PAP Authentication
ms-chap-v2 authentication
eap-proxy authentication
type tunnel-group WebSSLVPN remote access
tunnel-group WebSSLVPN webvpn-attributes
enable WebSSLVPN group-alias
!
class-map inspection_default
match default-inspection-traffic
!
!
type of policy-card inspect dns preset_dns_map
parameters
maximum message length automatic of customer
message-length maximum 512
Policy-map global_policy
class inspection_default
inspect the preset_dns_map dns
inspect the ftp
inspect h323 h225
inspect the h323 ras
inspect the rsh
inspect the rtsp
inspect esmtp
inspect sqlnet
inspect the skinny
inspect sunrpc
inspect xdmcp
inspect the sip
inspect the netbios
inspect the tftp
Review the ip options
!
global service-policy global_policy
173.194.64.108 SMTP server
context of prompt hostname
HPM topN enable
Cryptochecksum:3304bf6dcf6af5804a21e9024da3a6f8
: end
Hello
Seems to me that you can clean the current NAT configuration a bit and make it a little clearer.
I suggest the following changes
network of the VPN-POOL object
10.10.10.0 subnet 255.255.255.0
the object of the LAN network
subnet 192.168.1.0 255.255.255.0
PAT-SOURCE network object-group
object-network 192.168.1.0 255.255.255.0
object-network 10.10.10.0 255.255.255.0
NAT static destination LAN LAN (indoor, outdoor) static source VPN-VPN-POOL
destination VPN VPN-POOL POOL static NAT (outside, outside) 1 static source VPN-VPN-POOL
NAT interface (it is, outside) the after-service automatic PAT-SOURCE dynamic source
The above should allow
- Dynamic PAT for LAN and VPN users
- NAT0 for traffic between the VPN and LAN
- NAT0 for traffic between the VPN users
You can then delete the previous NAT configurations. Naturally, please save the configuration before you make the change, if you want to revert to the original configuration.
no static source nat (inside, everything) all electricity static destination RAVPN RAVPN
No source (indoor, outdoor) nat static static NETWORK_OBJ_10.10.10.0_28 destination NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_192.168.1.0_24 NETWORK_OBJ_10.10.10.0_28
No source (indoor, outdoor) nat static everything all NETWORK_OBJ_10.10.10.0_28 of NETWORK_OBJ_10.10.10.0_28 static destination
No network obj_any object
No network object RAVPN
In case you do not want to change the settings a lot you might be right by adding this
network of the VPN-POOL object
10.10.10.0 subnet 255.255.255.0
destination VPN VPN-POOL POOL static NAT (outside, outside) 1 static source VPN-VPN-POOL
But the other above configurations changes would make NAT configurations currently simpler and clearer to see every goal of "nat" configurations.
-Jouni
-
DLR Uplink and GSS internal transit same VXLAN cannot ping each other.
Start with, I run NSX 6.2.2 firewall rules on 'allow all' to 'all' to 'all' "all protocols", in other words disabled...
I have a VXLAN 5000 transit, with an uplink DLR interface attached to it, and an internal interface GSS in the appendix in which neither of the parties can ping to another. So for troubleshooting, I added 2 VM Windows attached to the same transit VXLAN 5000, a virtual machine is on ESXi host 1 and the other is on host ESXi 4. They can fine ping each other, and two virtual machines can ping both the uplink of DLR and internal interfaces of the GSS.
This question has puzzled me because it makes no sense, why the DLR and the GSS cannot ping each other but 2 virtual machines that VXLAN can ping all adjacent devices. I can even put bridges on those virtual machines with a rule NAT on the GSS and those virtual machines can get internet through the GSS, but no matter what I try, the DLR cannot ping the GSS, and the GSS cannot ping DLR...
I need to define a static route between the GSS DLR <>- but if I can't even answer ping interfaces I'm dead in the water.
If I install virtual machines in a network LAN DLR interface such as WebApp and test for example database, I can ping throughout the DLR together until the IP DLR Uplink, but then he cannot ping the GSS internal.
Does anyone have suggestions for troubleshooting? Test commands that I can run? I tried many things and then lots of websites with the troubleshooting steps. Everything seems fine, all green checks in the installation steps... All roads, MACs, ARP tables appear as expected when I run test on host computers commands and controllers. I don't know what is the cause except for a bug in the code...
All ideas are welcome... Thank you
UPDATE:
Yes, so it has need of a static NAT rule on the GSS...
In my environment, I added a SNAT rule on adapter: ESG_Uplink with 0.0.0.0/24 CBC-translation dst: 1.1.1.101 (my lab ESG IP Uplink).
It works now... VM tenant box connected to WebApp portgroup (192.168.13.115) can now ping gateway DLR, through routing OSPF to the GSS and ping on physical bridge of...
I learned a lot on this one... I'm not going to worry about why the static route, I tried first post didn't work, since I was the OSPF running instead (which is more appropriate for my laboratory for realistic scenario anyway), and the Foundation will now suffice to build the rest of this POC vRA / vRO lab...
Thank you in any case, sometimes it's just nice to have someone to listen.
-
Nested Hyper-V VM cannot ping the default gateway
Hello
At first, I have to say that I don't consider myself an expert produced a VMware.
I've been struggling with my test environment nested for a while and finally decided to get help (I hope) of pros.
Environment looks like this:
- Physical VMware ESXi 5.1.0 ("Promiscuous" mode enabled for the vSwitch)
- Couple of virtual machines, one of them being Hyper-V (Windows Server 2012 R2) server that is configured for nested virtualization - 10.106.5.27
- On the Hyper-V server, I have a VM in Windows Server 2012 R2 - 10.106.5.28
- Couple of virtual machines, one of them being Hyper-V (Windows Server 2012 R2) server that is configured for nested virtualization - 10.106.5.27
Hyper-V server has a NETWORK card and full network connectivity (internal and external: Internet) and in the Hyper-V Manager, a virtual switch is configured in external mode.
VM is connected to this virtual switch via a virtual network adapter. It has public static IP assigned with mask subnet, default gateway, and DNS even as a Hyper-V host. I ping times by IP and DNS name of the host of VM and vice versa. I cannot ping other resources of the virtual machine as the default gateway and DNS ("request timed") servers out. State of the network in the network and sharing Center is VM:
- unidentified network
- Public network
- type of access: no internet access
When I run the tool for troubleshooting problems on VM, he says "the default gateway is not available". As I said I can not ping.
I think that all my connectivity problems are caused by the unavailability of the gateway by default on the virtual machine, but I have no idea how to solve this problem. When you change the settings of the VM card from static to DHCP I can't even ping on the Hyper-V host.
All servers are joined to the same domain (VM has been migrated to ESXi, so he joined to the domain before, but I can't connect to using domain accounts, probably due to network issue).
I hope I described the problem enough, but please let me know if you need more information.
Try to activate forged passes also on the vSphere vSwitch as you do for the Promiscuous Mode.
- Physical VMware ESXi 5.1.0 ("Promiscuous" mode enabled for the vSwitch)
-
Cannot ping machine, but can RDP
Hi all
I have 3 viral machines:
DC 10.0.0.1
SQL 10.0.0.2
Members 10.0.0.3
I've implemented network VMnet2 only, so there is no outside world.
Everything works, but I cannot ping each other.
I can't ping DC-> SQL
DC-> members
Members-> SQL
SQL-> members
I can ping SQL-> DC
Members-> DC
I can RDP to machines for all machines, for network is woring
Why I can't ping?
Thank you
You must disable the windows firewall or authorize the ping on the firewall.
-
VMs that newly set up cannot ping the host
A few days ago vSphere VMs worked well on nested host A that was vSphere, too. Then, install a vDS and place all hosts. He because of problem that guests could not ping each other. But, other virtual machines (I mean windows OS above) can always ping the host. So, moved the hosts of the vDS and removed the vDS, the problem is there. And implemented a few new virtual machines, what operating system are vSphere, too on the nested host a. They can only ping itself, but cannot ping on nested host A, too. Then, remove the data center and set up a new. the probel is still here.
The problem should be soon after vDS, how can I solve this problem?
the configuration of these new virtual machines are inpicture.
my thought here, you forgot to activate rear promicious (security) on vSwitch0 & 1 after the migration, both of vNDS
-
Cannot ping the Virtual Machine by host
Hi all,
Please help, I use VMWare Workstation 6.5 and I have a physical operating system which is Windows XP SP2, I have a network card, but not connected to a physical switch, the IP address is 192.168.0.1. I installed a Virtual Machine using Microsoft Windows 2003 server as the operating system, promote as domain controller, install the DHCP, DNS service and assign an IP 192.168.0.2, no default gateway.
My VMnet1 on physical operating system has an IP 192.168.204.1 and VMNet8 has an IP 192.168.126.1.
The host, I cannot ping the 192.168.0.2 which is the IP address of the Virtual Machine. Even in the Virtual Machine, I can not ping 192.168.0.1 is the IP address of the host. From what I read, the physical and the virtual machine were connected with a virtual switch. Am I wrong?
Any advice?
Thanks in advance.
They SEEM to be in different networks, you need search routing between them,... since they differnet networks...
on the other
they do host and the virtual machine on the same subnet / network for EXAMPLE: class C class network 192.168.200.0/24
granting of points if my answer was helpful... Thank you > > > > > > > >
concerning
Joe
-
Instances of VMware cannot ping between them somehow...
This is the environment for my experience:
Host: My Windows XP sp3
Products VMware: Vmware Workstation 6.0.3
Instances of VMware: one is installed Win2k3 with SP2 and a domain controller/DNS/Exchange server role, another is installed Win XP sp3 and play as a customer...
IP of the domain controller configuration:
Windows IP configuration
Name of the host...: dc
Suffix main Dns...: ge.com
Node... type: hybrid
Active... IP routing: No.
Active... proxy WINS: No.
... DNS suffix search list: ge.com
Ethernet connection to the Local card:
The connection-specific DNS suffix. :
... Description: VMware accelerated AMD PCNet Adapter
Physical address.... : 00-0C-29-56-FD-24
DHCP active...: No.
... The IP address: 192.168.238.3
... Subnet mask: 255.255.255.0.
... Default gateway. :
DNS servers...: 192.168.238.3.
Configuration of the client IP as below:
*********************************************************
Windows IP configuration
Name of the host...: client1
Suffix main Dns...: ge.com
... Node type: unknown
Active... IP routing: No.
Active... proxy WINS: No.
... DNS suffix search list: ge.com
Ethernet connection to the Local card:
The connection-specific DNS suffix. :
... Description: VMware accelerated AMD PCNet Adapter
Physical address.... : 00-0C-29-54-9D-B4
DHCP active...: No.
... The IP address: 192.168.238.4
... Subnet mask: 255.255.255.0.
... Default gateway. :
DNS servers...: 192.168.238.3.
And here are the parameters of the DC on Vmware:
And here's the VMware client settings:
And settings of network virtual as below:
My problem is:
Today, two Merethe cannot ping each other all at ONCE, even if they worked very well without any problems.
I tried to change the other IPs/remove and add maps network/restart on two instances but still no luck
Please kindly help me friends :)
Hmm so there is no problem with the NAT adapter, problem looks to with Bridge mode... Check if proceeding under in the cardiac control panels network connections is enabled for all vmware... cards try to disable and enable them
If its possible to restart the virtual machine... try this
-Remove the network card
-Turn on the virtual computer.
-Turning off the virtual computer.
-Add the network adapter
-Start the virtual machine. See if that helps.
Concerning
Anil
Save the planet, go for green
If you have found my reply to be useful, feel free to mark it as useful or Correct.
-
SMU 8135 cannot ping pc when installing labview
HJ. Help me
my laptop do not install labview 2012 can ping with SMU 8135 but labview installed on my laptop cannot ping with SMU 8135. I don't understand
Hi ffefef,
Could you explain in more detail the question, you encounter?
Thank you
Maybe you are looking for
-
Re: Reinstalling individual tool is not possible?
Hello I have a Toshiba L350-15U with preinstalled Vista Home Premium + Tools/utilities. One of the pre-installed tools is "Ulead DVD MovieFactory for TOSHIBA 5" which * order work * after that I accidentally deleted the file named * "umfCommon.dll" *
-
SignalExpress Tektronix License Manager
I'm still the site administrator for LabVIEW SignalExpress Tektronix Edition licenses (used by the Tektronix sales force to sell SignalExpress TE) and I still have the same computer, but it's switching me from XP to Win7. The same License Manager sof
-
M2N78 - Upgrade (Violet6)
I wanted to spend my dual core to a quad core, well it's hard to find one for this motherboard, but I was interested by the phenom II X 4 960 t. which is am3 as my Board claims and it meets the requirements of power which is 95w tdp max but the part
-
Does anyone know when two-way NAT (according to the latest versions of PIX) will apply to the FWSM?
-
Dell Wireless WLAN Card error msg
The full text of my event viewer "C:\Program Dell Wireless WLAN Card\bcmwltry.exe. Load Assembly Microsoft.VC90.MFC, processorArchitecture is "amd64", publicKeyToken = "1fc8b3b9a1e18e3b", type = "win32", version = "9.0.21022.8" not found Seems back t