Why am I able to ping but not do tracepath over my Layer 3 VPN?

I am running a Layer 3 (L3) VPN between two edge routers and have connected one router to a Linux host client. I tried to ping an IP address from the client present on the other router that was learnt via my Border Gateway Protocol (BGP) VPN. It's pinging, but I am unable to do tracepath from the client. I get a "No Reply" after it goes to the interface of the router connected to the client. Why is this happening?

Have you tried using traceroute instead of tracepath? Tracepath uses a range of User Datagram Protocol (UDP) ports, one or many of which might be blocked at the firewall. I suspect this is what’s happening, although I recommend further testing and analysis to figure out the root cause. Also, sometimes tools with lower privilege levels have limitations. For your situation, I suggest trying traceroute and also verifying the firewall protocols. Given what you’ve described, the IP routing appears to be functional.

View other responses to this question on the IT Knowledge Exchange (please note: SearchEnterpriseWAN.com and IT Knowledge Exchange registration are the same): Able to ping L3 VPN but unable to do tracepath

Email your VPN-related questions to editor@searchenterprisewan.com

Related Resources

Tackling Mobile Security and BYOD Risks –SearchSecurity.com
UK IT Priorities 2016 –ComputerWeekly.com
IT Security Purchasing Intentions 2013 –ComputerWeekly.com
Computer Weekly – 29 May 2018: Tech's role in tackling humanitarian crises –ComputerWeekly.com

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

Meet all of our Networking experts

View all Networking questions and answers

Related Resources

Dig Deeper on Network Security

Related Q&A from Rainer Enders

Have a question for an expert?

Start the conversation

0 comments

Register

Login

Forgot your password?

Your password has been sent to:

Please create a username to comment.