DMZ and Ping issue when changing ip address for a server

zillah

Distinguished
Dec 24, 2005
219
1
18,685
I have got a media server 2003 installed in DMZ zone (Cisco PIX 525) , with an ip address 192.168.101.204/24, it was able to ping other servers (sql server , help server, etc ) which are in DMZ zone as well. Basically all servers are in DMZ area

Recently this media server is not able to ping these servers (sql server , help server, etc) , I do not why, but if I changed the ip address (last octet only) for this media server to 192.168.101.222 , it would be able to ping other servers (sql server , help server, etc).

There is no firewall on the media server and there is no firewall on the other servers as well.

All servers have got win2003 OS.

The error message for ping is : timed out

This is no entry with our cisco PIX for both IP addresses 192.168.101.204 and 192.168.101.222
 

zillah

Distinguished
Dec 24, 2005
219
1
18,685
entered "clear arp" on the PIX
I would not have been thinking of that , because since the PIX won't do anything with the ICMP traffic on the DMZ local network.
ICMP traffic will go into one port of the switch and out the relevant one to the receiving server, and never reach the PIX.