I have a UC540 configured as an EzVPN server. I can establish a connection from a Cisco VPN client and connect to all private addresses, register IP Communicator, etc. However, when I try to connect to the web using a web browser, it does not connect.
The client is receiving DNS entries from the server. I also tried using just the IP address instead of the DNS name and still able to connect out to the Internet. This is a full tunnel, not split. I tried checking the box in the VPN client to make it a split tunnel and still unable to connect. Hosts at the main site (directly connected to the UC540) can connect to the Internet fine; it's just via the EzVPN they cannot. The EzVPN subnet is included in the NAT ACL.
Any advice would be appreciated.
Is this a legacy or DVTI deployment?
If legacy, you might want to create a fake loopback (with "ip nat inside") and punt the EzVPN subnet to it with a route-map.
If DVTI, can you please check that you have "ip nat inside" on the interface?
Running config would help ;-)
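A sketch of the loopback and route-map approach suggested in the reply for a legacy (crypto map) deployment. It is an added example, not configuration from the thread or from the poster's UC540. The interface name, VPN pool, LAN subnet, loopback addressing, ACL number and route-map name are all assumptions, and the existing `ip nat inside source ... overload` statement is assumed to already cover the VPN pool, as the question states.

```cisco
! Constructed values (replace with your own):
!   VPN client pool   192.168.10.0/24
!   internal LAN      192.168.1.0/24
!   outside interface FastEthernet0/0 (where the crypto map is applied)
!   loopback subnet   10.11.0.0/30
!
! Loopback that acts as the "inside" NAT interface for decrypted
! VPN client traffic. 10.11.0.2 does not need to exist as a host.
interface Loopback0
 ip address 10.11.0.1 255.255.255.252
 ip nat inside
!
! Decrypted client packets arrive on the outside interface, so the
! policy route-map is applied there.
interface FastEthernet0/0
 ip nat outside
 ip policy route-map VPN-CLIENT
!
! Leave VPN-to-LAN traffic alone; policy-route only Internet-bound
! traffic sourced from the VPN pool.
access-list 144 deny   ip 192.168.10.0 0.0.0.255 192.168.1.0 0.0.0.255
access-list 144 permit ip 192.168.10.0 0.0.0.255 any
!
! Send matching traffic through the loopback so it is seen as
! entering from a NAT inside interface before leaving the outside one.
route-map VPN-CLIENT permit 10
 match ip address 144
 set ip next-hop 10.11.0.2
!
! Checks once a client is connected and browsing:
!   show route-map VPN-CLIENT      (policy-routing match counters increase)
!   show ip nat translations       (entries with a 192.168.10.x inside local)
```

If the route-map counters increase but no translations appear, compare the NAT ACL against the pool actually handed to clients.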