Updated on 2024-07-23 GMT+08:00

A Client Cannot Ping an ECS IP Address

Symptom

A client is connected to a P2C VPN gateway, but cannot ping an ECS IP address.

Possible Causes

  • Ping detection is disabled on the client device or ECS.
  • The local CIDR block of the VPN gateway does not contain the IP address of the ECS to be accessed.
  • Ping detection packets are denied by a security group of the ECS.

Procedure

  • Check whether ping detection is disabled in an access control policy of the client device or ECS. If so, modify the policy to permit ping detection.

    For the Windows operating system, you also need to modify the inbound rules of the firewall to permit ICMPv4-In.

  • On the Server tab page of the VPN gateway, change the local CIDR block to include the IP address of the ECS to be accessed. Then, disconnect the client, reconnect it, and run the following command to check whether the client device receives the route advertised by the VPN gateway:
    • Windows operating system: route print command
    • Linux operating system: ip route show all command
  • Verify that the inbound and outbound rules in the ECS's security group permit ICMP packets.