ASA 5550 VPN Ipsec works but not able to browse the internet

Unanswered Question
Sep 21st, 2009

Hi,

We have setup an asa 5550 with ipsec. When I have build up the vpn connection and then try to ping a external (internet) address it works but when I try to browse it will not work. Is this an firewall issue on the ASA?

Thx,

Marc

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Collin Clark Mon, 09/21/2009 - 12:04

Marc-

Sounds more like a DNS issue, so let's check that first. Can you ping a site by name (ping slashdot.com)?

MJonkers Mon, 09/21/2009 - 21:51

Hi Collin,

I can resolve the ip address and i can ping the address. But I cannot browse.

Marc

MJonkers Mon, 09/21/2009 - 22:29

Hi Collin,

Futher testing reveals that the asa blocks returning traffic. I can see the traffic leaving our network to the internet and returning traffic entering our network. It stops at the asa.

I have enclosed the config file of the asa.

thx Marc

Attachment: 
MJonkers Tue, 09/22/2009 - 02:05

Hi, I solved the problem. I had to add a tunneled interface on the inside network.

thx,

Marc

Collin Clark Tue, 09/22/2009 - 05:25

Marc-

Glad to hear you worked through it. Can you explain or give the command of your added tunnel interface?

MJonkers Tue, 09/22/2009 - 07:18

Hi,

yes the command is:

route inside 0.0.0.0 0.0.0.0 137.120.xxx.xxx tunneled

Marc

Actions

This Discussion