Issues with HTTPS:// websites over DSL, NAT

Unanswered Question
Aug 4th, 2010
User Badges:

All,


A quick question:


Customer of ours uses a broadband connection for internet access through 28xx series router, using an ipsec tunnel, and IOS c2800nm-advipservicesk9-mz.124-21a.bin.


Found it was cured by adding 'ip inspect internet in' under the LAN interface.


Has anyone else seen oddball internet issues caused by the absence of this?


Config extract (if it helps):

....
no ip domain lookup
ip domain name xxxxx
ip inspect name internet udp
ip inspect name internet tcp
ip inspect name internet ftp
ip inspect name internet realaudio
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip ips name AUDIT.1
vpdn enable


Under the LAN interface:


interface FastEthernet0/0
description Customer Back Office LAN
ip address xxxxx yyyyyy
ip access-group LANSIDE in
no ip redirects
ip nat inside
ip inspect internet in
ip virtual-reassembly
ip route-cache flow
duplex full
speed 100
service-policy input no_marking
no shutdown
!

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.

Actions

This Discussion