DEC750: nodes on ports cannot communicate with one-another

[bernardgut]

Hello

I just got my DEC750 and here is the configuration:

Interfaces:
- ax0 : 10GbLan 192.168.1.1/24
- ax1: WAN
- igc0: LAN 192.168.100.1/24

Firewall:
- Auto generated rules for WAN & LAN with wizard then copy pasted the LAN ones to 10GbLan and edited the corresponding fields: e.g.:
- LAN: https://imgur.com/a/9u0P21s
- 10GbLan: https://imgur.com/a/slvMGq0
Misc:
- DHCP enabled in LAN
- DHCP disabled in 10GbLan

The problem is the following:
- I have a server that is configured with static IP 192.168.1.19/16  and BMC on static 192.168.4.1/16. (from a previous config). I can access neither of these IPs. For the 192.168.4.1 it makes sense because well its a different subnet. But for 192.168.1.19 I can see the host in the ARP table, I can ping it from the DEC750, but I cannot ping it from LAN : request timeout.

If I go to Firewall -> Logs -> Live logs, I can see the ICMP requests being accepted for the 10GbeLan interface. If I ping the corresponding port (192.168.1.1) from LAN (192.168.100.13) I get answers. if I traceroute, I can see the packets reach the 192.168.100.1 then its timeout.

if I unplug my client and plug in on the switch that is connected to ax0 (10GbLan 192.168.1.1/24) then assign myself an IP in the subnet then I can ping 192.168.1.19 no problem.

as I said there is nothing blocked in the firewall for 10GbLan as far as I can see in the logs.

Any help appreciated
thanks.

[Patrick M. Hausen]

Your netmasks/prefix-lengths do not match. /16 vs /24.

[bernardgut]

Hello Patrick,

Actually after digging a bit I fixed it.

The issue was not the netmask (although they did not match the connectivity should still be possible). The issue was a faulty ip table configuration on the server. I purged the ip tables and I managed to reach the host. Then I could update the IP config of both the IPMI (ipmitool) and the local NIC

ALL GOOD! Thanks

Great product BTW