Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

vpn client and https issue

When a vpn (software) client connects to the network, there is no ability to https (443) to any outside websites. Internal https sites respond fine. Outside sites just time out. Concentrator is 3002 - clients are winXP using Cisco client version 4.8.x. We use a Checkpoint firewall and rules are in place allowing https outbound for vpn clients. In checking the logs I see vpn client https traffic being allowed out - no drops. But no sites respond. Any ideas? Sorry if this has been asked before - I did a brief scan and didn't seen anything obvious. Thanks in advance....

7 REPLIES
Silver

Re: vpn client and https issue

See if you are able to ping the sites.Try opening up ports 10,000 - 10,005 for Outbound HTTPS access.Check for the latest browser version you are using.

New Member

Re: vpn client and https issue

Cannot ping the sites. IE 7 is the browser version. Thanks.

Cisco Employee

Re: vpn client and https issue

Hi,

ARe you able to telnet on port 443 to any of those sites ? If yes, then,

Try lowering down the MTU on the VPN client adapter by 100 bytes each time, till you get any success using "Set MTU" utility.

*Please rate if helped.

-Kanishka

New Member

Re: vpn client and https issue

No telnet on 443 does not work either. Thanks for the idea though.

Cisco Employee

Re: vpn client and https issue

Hi,

Do you have split tunneling enabled ? Are you able to access the "http" sites on Internet ?

-Kanishka

New Member

Re: vpn client and https issue

split tunneling is not enabled. http sites work fine. https sites within the network itself work fine. everything outside is inaccessible (https). thanks again

Cisco Employee

Re: vpn client and https issue

I would say you dhould try adjusting(lowering down) the MTU, as VPN client changes the MTU for all the n/w adaptors.

Let me know if this helps.

-Kanishka

129
Views
0
Helpful
7
Replies