I recently added a 1711 router to one of our remote offices that was previously running only with a Linksys/ Cisco WRV54G router (in gateway mode, firewall enabled, block anonymous WAN request enabled). Given the attached picture and configuration of the 1711.
Can someone help explain why a client connected to the wireless router (192.168.199.0/24) can only pass DNS and ICMP to the internet and back with success. (This seems to me to rule out any NAT or Route issues) while all other attempts show that connections are attempted from the client, but never actually established.
I have enabled an inspection map that should allow all ICMP, HTTP(s), TCP, UDP, and fragment (though I'm not sure I need the fragment) return traffic (established internally) from the internet.
One last thought - which I didn't get around to trying is to see if a client connected directly to VLAN1 (instead of the Linksys) will have the expected internet access. Must the Linksys operate in router mode given my current configuration or does it even matter. If so what implications on routing does that have (if any)?