Re: No Internet Access - until uncheck auto detect in IE

brentwoodind · ‎05-27-2008

When a user connects to our PIX 506E they are able to access the internal network. but cannot access the internet. they appear to be going through our internal ISA server. I have split tunnel turned on. On the client I right click icon in task bar and select stats - route details. And see my internal networks and SM's.

When I open IE and UN-check automatically detect settings on the LAN settigns, internet access works.

msubtain · ‎06-05-2008

When you go to stats and click on route details, can you see ur internal network in secured routes?

brentwoodind · ‎06-09-2008

msubtain,

Thank you for the reply.

Yes I see my internal network in the secured routes. The LAN routes are empty.

Now the tunnel details tab has under transport Local LAN disabled. Even though if I modify the connection enrty to allow local LAN access.

Farrukh Haroon · ‎06-09-2008

You can either use split tunnel (tunnel specified) or local lan at the same time (exclude specified with source set as 0.0.0.0 in ACL). They are mutually exclusive.

The reason why it might not be working when auto-detect is enabled; you might have WPAD configured on your EZVPN Server network and it would be taking the internet traffic from the client machine through your Proxy located behind the EZVPN Server, instead of going directly from VPN Client >> Internet.

Have a look at:

http://www.google.com/url?sa=t&ct=res&cd=1&url=http%3A%2F%2Fen.wikipedia.org%2Fwiki%2FWeb_Proxy_Autodiscovery_Protocol&ei=QOFNSK_qCpDynQPxg5jYDA&usg=AFQjCNFkqx6nfLM20sLGAGLAcPw5kOX-uw&sig2=mdwjTCTYgMnLl26WoBOyHg

Regards

Farrukh