06-24-2010 11:44 AM
Hi,
I have a UC540 configured as an Ezvpn server. I can establish a connection from a Cisco VPN client and connect all private addresses, register IP communicator etc. However when I try to connect to the web using a web browser it does not connect.
The client is receiving DNS entries from the server. I also tried using just the IP address instead of the DNS name and still able to connect out to the Internet. This is a full tunnel not split. I tried checking the box in the VPN client to make it a split tunnel and still unable to connect. Hosts at the main site (directly connected to the UC540) can connect to the Internet fine, its just via the Ezvpn they cannot. The Ezvpn subnet is included in the nat ACL.
Any advise would be appreciated.
Andy
Solved! Go to Solution.
06-25-2010 01:55 AM
Andy,
Is this legacy or DVTI deployment?
If legacy, you might want to create a fake loopback (with "ip nat inside") and punt ezvpn subnet to it with a route-map.
If DVTI can you please check you have "ip nat inside" on the interface?
Running config would help ;-)
Marcin
06-25-2010 01:55 AM
Andy,
Is this legacy or DVTI deployment?
If legacy, you might want to create a fake loopback (with "ip nat inside") and punt ezvpn subnet to it with a route-map.
If DVTI can you please check you have "ip nat inside" on the interface?
Running config would help ;-)
Marcin
07-01-2010 03:56 PM
Hi Marcin,
Thanks for the advise.
I went ahead and changed the nat list to a router map as you suggested and
it now works thanks for the help.
Andy
On Fri, Jun 25, 2010 at 2:56 AM, mlatosie <
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide