vpn client and https issue

Unanswered Question
Feb 28th, 2007

When a vpn (software) client connects to the network, there is no ability to https (443) to any outside websites. Internal https sites respond fine. Outside sites just time out. Concentrator is 3002 - clients are winXP using Cisco client version 4.8.x. We use a Checkpoint firewall and rules are in place allowing https outbound for vpn clients. In checking the logs I see vpn client https traffic being allowed out - no drops. But no sites respond. Any ideas? Sorry if this has been asked before - I did a brief scan and didn't seen anything obvious. Thanks in advance....

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
kaachary Wed, 03/07/2007 - 15:28

Hi,

ARe you able to telnet on port 443 to any of those sites ? If yes, then,

Try lowering down the MTU on the VPN client adapter by 100 bytes each time, till you get any success using "Set MTU" utility.

*Please rate if helped.

-Kanishka

peebnevins Thu, 03/08/2007 - 05:23

No telnet on 443 does not work either. Thanks for the idea though.

kaachary Thu, 03/08/2007 - 05:30

Hi,

Do you have split tunneling enabled ? Are you able to access the "http" sites on Internet ?

-Kanishka

peebnevins Thu, 03/08/2007 - 05:36

split tunneling is not enabled. http sites work fine. https sites within the network itself work fine. everything outside is inaccessible (https). thanks again

kaachary Thu, 03/08/2007 - 05:45

I would say you dhould try adjusting(lowering down) the MTU, as VPN client changes the MTU for all the n/w adaptors.

Let me know if this helps.

-Kanishka

Actions

This Discussion