Hi,
Can someone help me here to find problem with setup of SRX5600 where we trying to ping SRX interface from the switch but can't ping and vice versa. The status is same towards upstream router as well.
When we checked the flow session table, there is no session being created when we ping the firewall reth interface IP from the switch. At the same time when we ping switch IP from firewall we got the session with 0 packets received (Both outputs are pasted in the message).
Below is the connectivity setup -
Session when tried ping from firewall to switch -
Flow Sessions on FPC0 PIC2:
Session ID: 134217731, Policy name: self-traffic-policy/1, State: Active, Timeout: 58, Valid
In: 10.154.144.193/11493 --> 10.154.144.194/2;icmp, Conn Tag: 0x0, If: .local..12, Pkts: 1, Bytes: 84, CP Session ID: 3
Out: 10.154.144.194/2 --> 10.154.144.193/11493;icmp, Conn Tag: 0x0, If: reth1.140, Pkts: 0, Bytes: 0, CP Session ID: 3
Total sessions: 1
Flow Sessions on FPC0 PIC3:
Session ID: 201326594, Policy name: self-traffic-policy/1, State: Active, Timeout: 58, Valid
In: 10.154.144.193/11493 --> 10.154.144.194/1;icmp, Conn Tag: 0x0, If: .local..12, Pkts: 1, Bytes: 84, CP Session ID: 2
Out: 10.154.144.194/1 --> 10.154.144.193/11493;icmp, Conn Tag: 0x0, If: reth1.140, Pkts: 0, Bytes: 0, CP Session ID: 2
Total sessions: 1
Flow Sessions on FPC1 PIC0:
Session ID: 268435459, Policy name: self-traffic-policy/1, State: Active, Timeout: 56, Valid
In: 10.154.144.193/11493 --> 10.154.144.194/0;icmp, Conn Tag: 0x0, If: .local..12, Pkts: 1, Bytes: 84, CP Session ID: 3
Out: 10.154.144.194/0 --> 10.154.144.193/11493;icmp, Conn Tag: 0x0, If: reth1.140, Pkts: 0, Bytes: 0, CP Session ID: 3
Total sessions: 1
Only logs when tried pinging SRX IP from nexus switch -
Aug 4 10:15:02 fw01 clear-log[60139]: logfile cleared
Aug 4 10:15:27 10:15:27.266162:CID-02:FPC-02:PIC-02:THREAD_ID-27:LSYS_ID-00:RT:<10.154.144.194/27711->10.154.144.193/0;1,0x0> matched filter f2:
Aug 4 10:15:27 10:15:27.266303:CID-02:FPC-02:PIC-02:THREAD_ID-27:LSYS_ID-00:RT:packet [84] ipid = 49508, @0xff06000f4
Aug 4 10:15:27 10:15:27.266310:CID-02:FPC-02:PIC-02:THREAD_ID-27:LSYS_ID-00:RT:CP flow starts, mbuf=0x2aac0000, ifl_idx=292, ctxt_type=0xf
Aug 4 10:15:27 10:15:27.266319:CID-02:FPC-02:PIC-02:THREAD_ID-27:LSYS_ID-00:RT:lpak_init: lpak 0xfdd3e9b30, paksize 84, machdr 0x20a42374, iphdr 0xff06000f4, conn-tag: 0x00000000
Aug 4 10:15:27 10:15:27.266337:CID-02:FPC-02:PIC-02:THREAD_ID-27:LSYS_ID-00:RT:cp flow exit rc=0xffffffff
Aug 4 10:15:29 10:15:29.265613:CID-02:FPC-00:PIC-02:THREAD_ID-09:LSYS_ID-00:RT:<10.154.144.194/27711->10.154.144.193/256;1,0x0> matched filter f2:
Aug 4 10:15:29 10:15:29.265636:CID-02:FPC-00:PIC-02:THREAD_ID-09:LSYS_ID-00:RT:packet [84] ipid = 49509, @0xff0adf8f4
Aug 4 10:15:29 10:15:29.265641:CID-02:FPC-00:PIC-02:THREAD_ID-09:LSYS_ID-00:RT:CP flow starts, mbuf=0x2aafe600, ifl_idx=292, ctxt_type=0xf
Aug 4 10:15:29 10:15:29.265651:CID-02:FPC-00:PIC-02:THREAD_ID-09:LSYS_ID-00:RT:lpak_init: lpak 0xfdf7fbb30, paksize 84, machdr 0x0, iphdr 0xff0adf8f4, conn-tag: 0x00000000
Aug 4 10:15:29 10:15:29.265667:CID-02:FPC-00:PIC-02:THREAD_ID-09:LSYS_ID-00:RT:cp flow exit rc=0xffffffff
Can someone suggest what should i check to get this worked?
Thanks.