02-28-2007 06:08 AM
When a vpn (software) client connects to the network, there is no ability to https (443) to any outside websites. Internal https sites respond fine. Outside sites just time out. Concentrator is 3002 - clients are winXP using Cisco client version 4.8.x. We use a Checkpoint firewall and rules are in place allowing https outbound for vpn clients. In checking the logs I see vpn client https traffic being allowed out - no drops. But no sites respond. Any ideas? Sorry if this has been asked before - I did a brief scan and didn't see anything obvious. Thanks in advance....
03-06-2007 07:22 AM
See if you are able to ping the sites. Try opening up ports 10,000 - 10,005 for Outbound HTTPS access. Check for the latest browser version you are using.
03-08-2007 05:24 AM
Cannot ping the sites. IE 7 is the browser version. Thanks.
03-07-2007 03:28 PM
Hi,
Are you able to telnet on port 443 to any of those sites? If yes, then,
Try lowering the MTU on the VPN client adapter by 100 bytes each time, till you get any success using the "Set MTU" utility.
*Please rate if helped.
-Kanishka
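The check suggested in the reply above (does a plain TCP session on 443 open, and only then suspect MTU), written as an added example that is not part of the original thread. The function name `triage_https` and its result strings are assumptions made for illustration; the sample target is a constructed local listener so the script runs offline.

```python
import socket
import ssl


def triage_https(host, port=443, timeout=5.0):
    """Classify an outbound HTTPS failure seen from a VPN client.

    "tcp_connect_failed"    - no TCP session at all (the "telnet on 443" test fails);
                              even small packets do not make the round trip, so
                              check routing, NAT and firewall policy before MTU
    "tls_handshake_stalled" - TCP connects but the handshake never completes;
                              consistent with large packets (such as the server
                              certificate) being dropped, so lowering MTU is worth trying
    "tls_error"             - handshake failed for another reason (certificate,
                              reset, non-TLS peer)
    "ok"                    - handshake completed
    """
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError:  # refused, unreachable or timed out
        return "tcp_connect_failed"
    ctx = ssl.create_default_context()
    try:
        with ctx.wrap_socket(sock, server_hostname=host):
            return "ok"
    except socket.timeout:  # must be caught before the broader OSError
        return "tls_handshake_stalled"
    except (ssl.SSLError, OSError):
        return "tls_error"
    finally:
        sock.close()


if __name__ == "__main__":
    # Constructed sample target: a local listener that completes the TCP
    # handshake but never sends a byte, imitating a path that passes small
    # packets and drops the large ones.
    silent = socket.socket()
    silent.bind(("127.0.0.1", 0))
    silent.listen(1)
    print(triage_https("127.0.0.1", silent.getsockname()[1], timeout=1.0))
    silent.close()
```

Run from the VPN client against an outside HTTPS host, a `tcp_connect_failed` result matches the "telnet on 443 does not work" case, where changing the MTU is unlikely to help.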
03-08-2007 05:23 AM
No, telnet on 443 does not work either. Thanks for the idea though.
03-08-2007 05:30 AM
Hi,
Do you have split tunneling enabled? Are you able to access the "http" sites on the Internet?
-Kanishka
03-08-2007 05:36 AM
Split tunneling is not enabled. http sites work fine. https sites within the network itself work fine. Everything outside is inaccessible (https). Thanks again.
03-08-2007 05:45 AM
I would say you should try adjusting (lowering) the MTU, as the VPN client changes the MTU for all the n/w adaptors.
Let me know if this helps.
-Kanishka