Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

S2S IPSec VPN - can ping but no HTTP

i have a site to site VPN tunnel setup and the tunnel is up. I can successfully ping through the tunnel from device to device but when i try to pull up a HTTP page off a web server on one side of the tunnel, it fails.

the ACLs are set to allow any IP traffic..

ASA on one side is v8.3 and the other side its 9.1

Anyone run into this before??

3 REPLIES
Silver

Can you send the output of sh

Can you send the output of sh crypto ipsec sa on both the side..

 Also check if there is any vpn-filter is applied under group-policy on any of the ASA.

New Member

Thanks for the responses. I

Thanks for the responses. I found out the issue was with a ScanSafe configuration and i had to add my HTTP site as part of the whitelist..

New Member

In general, ping work and

In general, ping work and other traffic no work is due to packet size > path mtu.

you can try to lower host MTU or MSS slamping or disable pmtu totally on host.

240
Views
0
Helpful
3
Replies
CreatePlease to create content