« Not Just A Warmmonger |
Main
| How To Win A Peace Prize »
Network Problems
What would cause computer A to be able to ping Computers B and C, but B and C be unable to ping A (though they can ping each other)? FWIW, A is on a wireless connection. B and C are ethernet.
[Update a few minutes later]
In answer to the question in comments, I'm pinging by IP. The router is running in DHCP mode.
[going off to try something]
That was it. Zone Alarm was blocking the pings. I shut it down, and it works now. Guess I need to add the local network to its trusted zone.
Posted by Rand Simberg at October 12, 2007 10:25 AM
TrackBack URL for this entry:
http://www.transterrestrial.com/mt-diagnostics.cgi/8348
Listed below are links to weblogs that reference
this post from
Transterrestrial Musings.
Comments
First thing that comes to mind is firewall settings; is Computer A set to ignore pings?
Second thing is to move the computers around; put "A" on the wired segment and see if "B" or "C" can ping it. I'm assuming a standard wireless/wired hub, and since "A" can ping the wired net you probably don't have any internal firewalls to deal with.
On the other hand, this may be a new 'security' feature, to keep idiots who don't encrypt their WiFi from getting cracked by drive-bys.
Posted by Glenn at October 12, 2007 10:49 AM
Is there any NAT involved at the wireless router?
That's my only guess; if it was doing NAT, outgoing ICMP would work, because the NAT translation would DTRT for replies, but incoming wouldn't work because that's just the nature of NAT.
Perhaps your wireless setup is accidentally set up to do NAT?
Posted by Sigivald at October 12, 2007 10:50 AM
What he said.
Also, are you doing the pings by IP address or names? Could be some kind of name resolution issue...
You might want a sniffer for debugging; I can strongly recommend the freeware 'wireshark' (wireshark.org), included with most linux distributions and available for Windows, too.
Posted by Mike Earl at October 12, 2007 10:54 AM
Other possibilites include a bad subnet mask setting, or a duplicate IP address. Were I troubleshooting, I would first turn off any firewalls and NAT to make sure it's not the network, then check the IP and the subnetting, and finally would remove the system on the wireless and put it on the wired network with that interface configured identically to the wireless interface. The idea is to progressively eliminate components until it works, then fix the last component you removed.
Posted by Jeff Medcalf at October 12, 2007 11:01 AM
Zone Alarm was blocking the pings.
At work I try to remember that ping is not as reliable as it used to be. Why?
In my limited experience (dealing with a global company network and vendors) we're blocking all and only allowing traffic and ports that are explicitly required. Ping usually does not work for me.
What does work is telnet'ing to an port. On my hosts this is port 80. YMMV.
Posted by Brian at October 12, 2007 09:19 PM
Post a comment