I setup a Cisco VPN concentrator 3005 with preshared keys. I can connect to it perfectly (Phase II completes). I am able to ping inside my network and outside as well (split tunneling is not enabled). My problem is, no real traffic is getting through. I can ping www.yahoo.com and it resolves it and i recieve replies, but I cannot connect through Internet Explorer.
I'm using ESP, so NAT shouldn't be an issue. I shouldn't have to enable split tunneling. I would like to get this working without split tunneling for now.
I'm using the internal DB for users and internal dhcp pool.
Is your web browser configured to use a web proxy? It makes no sense that ICMP would be able to flow, but TCP based HTTP sessions wouldn't, unless there is a proxy or access lists in the mix. Is the 3005 behind a firewall?
I enabled IPSec over UDP on both concentrator and Client (not sure if this helps, but it works) and I added the gateway for the private interface under "Tunnel Default Gateway"
I think before, i did a tracert to cisco.com, it would go to the concentrator, the public int's gateway then out to the internet. Now it goes to the public int, private int default gateway and back through.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :