ASA 5550 VPN Ipsec works but not able to browse the internet

Unanswered Question
Sep 21st, 2009

Hi,


We have setup an asa 5550 with ipsec. When I have build up the vpn connection and then try to ping a external (internet) address it works but when I try to browse it will not work. Is this an firewall issue on the ASA?



Thx,


Marc

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Collin Clark Mon, 09/21/2009 - 12:04

Marc-


Sounds more like a DNS issue, so let's check that first. Can you ping a site by name (ping slashdot.com)?





MJonkers Mon, 09/21/2009 - 21:51

Hi Collin,


I can resolve the ip address and i can ping the address. But I cannot browse.


Marc

MJonkers Mon, 09/21/2009 - 22:29

Hi Collin,


Futher testing reveals that the asa blocks returning traffic. I can see the traffic leaving our network to the internet and returning traffic entering our network. It stops at the asa.

I have enclosed the config file of the asa.


thx Marc



Attachment: 
MJonkers Tue, 09/22/2009 - 02:05

Hi, I solved the problem. I had to add a tunneled interface on the inside network.


thx,


Marc

Collin Clark Tue, 09/22/2009 - 05:25

Marc-


Glad to hear you worked through it. Can you explain or give the command of your added tunnel interface?

MJonkers Tue, 09/22/2009 - 07:18

Hi,


yes the command is:


route inside 0.0.0.0 0.0.0.0 137.120.xxx.xxx tunneled


Marc

Actions

This Discussion