Guest User!

You are not Sophos Staff.

Thread Info
  • State Verified Answer
  • +1 person also asked this people also asked this
  • Locked Locked
  • Replies 5 replies
  • Subscribers 28 subscribers
  • Views 21260 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

I can't ping the GW IP from LAN trough XG Firewall

David Babiano Rodriguez

Hi to all,

I'm new in Sophos XG firewall world and I have an estrange issue...

I have one XG210 unit in my lab. I have one LAN network and one WAN network (very simple lab). When I configure the WAN port with static IP address, I can't ping the GW router (this is the gw in my company and works fine) and when I configure the WAN port with DHCP client, when DHCP server lease the IP to the XG, I can reach the GW without any problems... When I can't reach the gateway by ping, I'm able to browse internet...

Someone knows why??? I have checked the subnet mask and is configured properly...

Thanks for all!!!

Kind Regards,

David



This thread was automatically locked due to age.
Parents
  • +1

    HI David , 

    As Varun Suggestion, the ARP is indeed an issue in your Gateway . You may manually initiate the ARP request to your gateway via console access.

    console >system diagnostics utilities arp ping source 1.1.1.1 interface PortB 1.1.1.2

    Where in the example 1.1.1.1 is the WAN configured on XG device and Port B is the WAN interface and 1.1.1.2 is your Gateway address. 

    Check if you are able to receive the reply , if so try to ping again from the console itself . 

    console >system diagnostics utilities ping sourceip 1.1.1.1 interface PortB  1.1.1.2

    If you have received the reply then you are good to go , if not and able to browse then try to ping 8.8.8.8 if you are able to receive reply then change the address of your gateway to 8.8.8.8. 

    BY any chance you are not able to ping 8.8.8.8 then you may use any http website and change the failover condition to tcp instead of ping and type any host address accessible on WAN.

Reply
  • +1

    HI David , 

    As Varun Suggestion, the ARP is indeed an issue in your Gateway . You may manually initiate the ARP request to your gateway via console access.

    console >system diagnostics utilities arp ping source 1.1.1.1 interface PortB 1.1.1.2

    Where in the example 1.1.1.1 is the WAN configured on XG device and Port B is the WAN interface and 1.1.1.2 is your Gateway address. 

    Check if you are able to receive the reply , if so try to ping again from the console itself . 

    console >system diagnostics utilities ping sourceip 1.1.1.1 interface PortB  1.1.1.2

    If you have received the reply then you are good to go , if not and able to browse then try to ping 8.8.8.8 if you are able to receive reply then change the address of your gateway to 8.8.8.8. 

    BY any chance you are not able to ping 8.8.8.8 then you may use any http website and change the failover condition to tcp instead of ping and type any host address accessible on WAN.

Children
No Data