We have had a UC500 up and configured at our main site for a few months now. Everything seems to be running well, and we decided to extend the system out to some of our smaller satellite offices. We have a few SR520's and 7961 handsets to deploy to these sites.
If we set up a VPN server on the UC500 using the EZVPN server through CCA 2.0, and then set up the SR520 VPN Remote settings through CCA 2.0, we can get a tunnel activated between the two sites, and the phones will register back to the UC500. But something strange is happening whereby the the phones are staying connected, and inbound and outbound calling works both from the main site and the remote site, but internet utility is lost (our browsers cannot reach outside addresses nor will our mail clients). There is obviously still internet connectivity, as all of our calling on the system is over SIP trunks (and the phones are still working fine). This problem persists for any computer connected to the main site through the VPN tunnel. I am a bit stumped.
Is there something simple that I am missing? I know there are a number of applicable documents for remote teleworker set up, but all the documents I've found are a.) for the UC500 to 871 series routers, and b.) for configuration by CLI. Is there a guide for doing a multisite deployment like this through CCA (and with UC500 to SR520)?
Thank you for your time.
Alliance for Inclusion and Prevention