Cisco Support Community
Community Member

Issues with HTTPS:// websites over DSL, NAT


A quick question:

Customer of ours uses a broadband connection for internet access through 28xx series router, using an ipsec tunnel, and IOS c2800nm-advipservicesk9-mz.124-21a.bin.

Found it was cured by adding 'ip inspect internet in' under the LAN interface.

Has anyone else seen oddball internet issues caused by the absence of this?

Config extract (if it helps):

no ip domain lookup
ip domain name xxxxx
ip inspect name internet udp
ip inspect name internet tcp
ip inspect name internet ftp
ip inspect name internet realaudio
ip auth-proxy max-nodata-conns 3
ip admission max-nodata-conns 3
ip ips name AUDIT.1
vpdn enable

Under the LAN interface:

interface FastEthernet0/0
description Customer Back Office LAN
ip address xxxxx yyyyyy
ip access-group LANSIDE in
no ip redirects
ip nat inside
ip inspect internet in
ip virtual-reassembly
ip route-cache flow
duplex full
speed 100
service-policy input no_marking
no shutdown

CreatePlease to create content