VMware Networking Community
MrVmware9423
Expert
Expert
‎09-18-2022 11:36 PM
Jump to solution

DFW rule to ping Uplink IP

Hello Team,

If I would like to ping the uplink IP of the physical router from a VM which is connected to the T1 gateway If I write the below rule in DFW then would I be able to ping the same? OR the same type of rule should be there in the physical firewall as well then only I would be able to ping the Uplink router IP from VM, Please assist.

Source VM1

Destination UplinkRouterIPAddress 

Service ICMP Echo

Action Allow 

 

Thank you in Advance

0 Kudos
1 Solution

Accepted Solutions
ShahabKhan
VMware Employee
VMware Employee
‎09-19-2022 02:58 AM
Jump to solution

Do a traceroute from the VM to the router IP & see where the packet is getting dropped. Sometimes, Customers implement ACL on the router to block ICMP, you can ask the Customer to check that as well.

View solution in original post

3 Replies
ShahabKhan
VMware Employee
VMware Employee
‎09-19-2022 02:21 AM
Jump to solution

Hi,

It depends on the traffic path. If you have a physical firewall in the traffic path between the VM & the router, then yes you should have the rule to allow ICMP between the VM & the router.

MrVmware9423
Expert
Expert
‎09-19-2022 02:55 AM
Jump to solution

Ok, Thank you.

 

I've checked the network topology diagram, we don't have a firewall between VM and router still not able to ping, what could be the reason for the same?

0 Kudos
ShahabKhan
VMware Employee
VMware Employee
‎09-19-2022 02:58 AM
Jump to solution

Do a traceroute from the VM to the router IP & see where the packet is getting dropped. Sometimes, Customers implement ACL on the router to block ICMP, you can ask the Customer to check that as well.