Tuesday, September 3, 2019

Issues with management server not seeing a host.

Hi all.

Please excuse what I am sure is a novice question. I just got a new job at a manufacturing facility doing IT work, and am very green when it comes to troubleshooting. I have done as much homework as I can on this issue based on my level of knowledge and will post below.

We have a server at work connected to 5 hosts. These are all connected on a private management network it seems (a 10.net), and all of them also have a secondary NIC connected to the main company network. Somehow this server no longer sees one of the hosts, even though it is up and running, so I am getting critical alerts every 5 minutes for no reason (there is a monitoring software set up on the server as well as it serving a few other purposes).

The host that can no longer be pinged apparently is "blueapp" (private IP: 10.0.2.5) and monitoring server is "monitor" (10.0.2.16). I can ping monitor's management IP from 'blueapp' no problem, but cannot ping the other way around. From blueapp, I can also ping greenapp (10.0.2.4). It is on the same company VLAN (162) as well. I have verified in the network settings that these all share the same subnet mask, etc.

However, from greenapp, I cannot ping blueapp's private IP for whatever reason. If I do a tracert they all time out. I can ping the regular network IP though (XXX.XXX.50.142) and get a response back immediately.

I am thinking this is a firewall issue. Blueapp's firewall is on, domain profile, yet greenapp's firewall is off for the domain profile. However, what I do not understand is, should this restrict communications on the private IP network? I can understand how this would affect communications via the public IP. From what I have researched if a computer can ping "one way" then it is a firewall issue.

There is one other guy who works here and did maintenance over the weekend, so I am almost confident that something may have gotten changed inadvertently, such as firewall rules. The firewall is ON/domain profile/for Blueapp but OFF/domain profile/for Greenapp. However since it is not critical and all systems are functioning I really would like to figure this issue out without his help, to prove to myself I can do it.

If I have missed anything to look at or if my logic is off, please let me know.



No comments:

Post a Comment