After I connect to VPN, I cannot access the Web.

Unanswered Question
Jan 3rd, 2010
User Badges:

Hi there,

I am having some trouble. I am using Cisco AnyConnect VPN Client version 2.3.2016. I am running Windows 7 64-bit.

With most available WiFi connections I am able to connect to the vpn and access web or mail easily with out any problems. However, in my own home when I connect to the vpn, I am unable access the web. I dont know the lingo, but basically it says it can find the website and then trys to load it for the next couple of hours without any success.

I am assuming it is therefore a problem with my router/modem. I just recently bought a new Linksys modem to try to fix it. The model is: WAG54G2.

Are there any settings that I need to change on my router/modem? I have been looking into it on the Linksys website and have tried a number of things, but I haven't had any success.

What do you think the problem is?

Thanks for the help!!


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
dmooregfb Mon, 01/04/2010 - 03:30
User Badges:

Have you check your DNS setup? Sounds like the problem.

phil.jamison Mon, 01/04/2010 - 09:00
User Badges:

I have not checked my dns setup. What do I need to make sure I change?

I can look some things up online and see if I can find out some more info regarding dns while using a vpn, but what is it i need to do?

Thanks so much.

JAMES HAYNES Mon, 01/04/2010 - 07:22
User Badges:

This sounds like it could be an MTU issue. I don't use the AnyConnect client but can you set the MTU to 1300 bytes like the Cisco VPN client?

phil.jamison Mon, 01/04/2010 - 09:04
User Badges:

I tried changing the MTU to 1300, but it still has the same issue. Thanks for the attempt! I appreciate it.

Javier Portuguez Mon, 01/04/2010 - 09:11
User Badges:
  • Red, 2250 points or more

At this point I would recommend you the following:

1- Double-check your Router/Modem device, make sure there is not rule nor misconfiguration issue in place.

2- When connected with the AC try to ping, doing this we identify where the problem is, if this test goes fine, it means that you are able to reach the Internet but somehow your computer can not solve DNS names.

3- As mentioned before, check out your DNS settings and reduce the MTU to 1200.

phil.jamison Mon, 01/04/2010 - 11:23
User Badges:

I double-checked my router/modem. I think it is all fine. I haven't changed anything on it except the MTU to 1200.

I connected to the AC and pinged It was a success.

I looked over some of my DNS settings in TCP/IPv4 and TCP/IPv6 properties. I am not sure what they are supposed to be. My wireless and local area connections are set up like this (refer to picture):

Capture.PNGThey are also set to obtain IP address and DNS servers automatically.

However, on the VPN Client connection. It is set up a little differently. The IP address and DNS servers are set specifically. (they are blank until I run AC) and then the DNS server addresses are displayed on the picture above. Other than that they are the same as the other connections.

I thought the problem might be with the router settings because I don't have any problems until I am at home with this router and Internet, but I don't know.

Thanks again for all the help. If you need any other information, please let me know. It is a huge help for me to try to figure this out. I don't know what the issue is and would love to be able to use the VPN at home.

phil.jamison Mon, 01/04/2010 - 11:26
User Badges:

sorry for duplicate post.

Message was edited by: Phil Jamison

Javier Portuguez Mon, 01/04/2010 - 11:33
User Badges:
  • Red, 2250 points or more

Thanks for the reply..

Can you access any web site by IP address ?

phil.jamison Mon, 01/04/2010 - 13:52
User Badges:

I am going to say that I cannot connect to a site with an IP address.

I used the NSLOOKUP command while on and off the VPN and took those IP addresses from a website. Then I tried both while connected to the AC VPN and neither came up in Internet explorer.

I tried the   ping -a    command on both of those IP addresses while on the AC VPN and both of them had success.

thanks for sticking with me here. I am learning as I go.

hdashnau Mon, 01/04/2010 - 13:09
User Badges:
  • Cisco Employee,

-When you are connected, right click on the anyconnect icon in your system tray. Go to the details of the connection and look at the "route details" If it says all then you are trying to tunnel all traffic through the VPN and the headend needs to be configured for U-turn to get it back out to the internet. If you see specific networks in there, it is a better sign because it means split tunneling is setup already

-Right click on "My network places" and go to Properties. Then go to Advanced>Advanced Settings and make sure the anyconnect adapter is at the top of the list.

-Test with "nslookup" with an IP, a hostname, and an fqdn to see what is resolving and what is not and who is doing the resolving.

phil.jamison Mon, 01/04/2010 - 15:02
User Badges:


-I checked out the route details and found all zeros.

Capture csco.PNG

So, is this the issue? I thought that all the traffic was meant to run through the VPN. But i guess it would make sense if it needs to U-turn to be recieved. Is configuring the headend the same thing as split-tunneling? Does it make sense that my home router would cause this problem?


-I did find that the anyconnect adapter was on top of the list. Althought it was a little hidden in Windows 7.

-As far as testing with "nslookup" what do you reccomend? I have tried resolving and its IP and they came up a success, both on and off the VPN. While off the VPN it was using the ISP here and on the VPN it was using the VPNserver. At least thats my understanding... Any further testing i should do?

Thanks so much for the help!!!!

phil.jamison Mon, 01/04/2010 - 15:04
User Badges:

hrm... for some reason my posts are duplicating... sorry!

Message was edited by: Phil Jamison

phil.jamison Tue, 01/05/2010 - 11:14
User Badges:

So, here is something interesting.

I brought my modem/router and computer to friends house. I plugged my modem/router into their phone line and used their PPPoE username and password. When I did that, everything worked fine. I could connect through AC to the internet easily.

Bring it back home and still the same problem. Does that mean that the problem lies with my ISP? I have the same ISP as my friend, but maybe my account has some different settings. I think theirs is has limitless access and I get charged a certain amount for the data I use.... maybe that makes a difference... I am lost at this point of time.

Any thoughts?


This Discussion

Related Content