[j-nsp] Traceroute not working as expected
james list
jameslist72 at gmail.com
Mon Dec 18 16:14:11 EST 2017
Yes I tought it but why only for one firewall and not the other?
Cheers
Il 18 Dic 2017 21:51, "Dan White" <dwhite at olp.net> ha scritto:
> (Cisco list removed)
>
> On 12/18/17 21:21 +0100, james list wrote:
>
>> In the same broadcast domain (10.1.0.0/24) I have four devices:
>>
>> 1) carrier router .1
>> 2) firewallA .2
>> 3) firewallB .3
>> 4) firewallC .4
>>
>> Carrier router has a default route to .2 (firewall A).
>>
>> 2-3-4) has gateway to .1
>>
>> If I made traceroute to a wan location 10.2.0.1 from 3) I get:
>> 10.1.0.1
>> then wan mpls
>>
>> If I made traceroute to a wan location 10.2.0.1 from 4) I get:
>> 10.1.0.2
>> 10.1.0.1
>> Then wan carrier mpls
>>
>> What can cause the issue only to firewallC?
>> This is why I guess I cannot establish ipsec vpn from remote to firewallC.
>>
>
> ICMP redirect is the first thing that comes to mind, along with perhaps
> inconsistent ICMP filtering rules.
>
More information about the juniper-nsp
mailing list