10-25-2011 08:03 AM - edited 03-04-2019 02:02 PM
Hello all,
I have a funny problem and it is taking up my whole time.
I am doing a hub and spoke network through and ipsec vti.
after I have done the configurations, all works well but funny enough, I cannot access yahoo or cisco from the spoke. All other access to the internet works well without any problems. The only issue is that, I cannot access www.yahoo.com and www.cisco.com when the traffic goes through the tunnel.
Have anybody experienced this before?
PS there are no access-list blocking the traffic.
Could this be a BUG
Solved! Go to Solution.
10-25-2011 08:27 AM
Joseph,
This happened to me before with cisco.com hotmail.com and engadget.com. With the information provided I'd suggest you check fragmenation, I changed my MTU on the host machine and it was fine. I think i dropped it to 1300.
Newt
10-25-2011 08:22 AM
Hi
Doing trace route may help u see the trouble point.
HTH
Sent from Cisco Technical Support iPhone App
10-25-2011 08:27 AM
Joseph,
This happened to me before with cisco.com hotmail.com and engadget.com. With the information provided I'd suggest you check fragmenation, I changed my MTU on the host machine and it was fine. I think i dropped it to 1300.
Newt
10-25-2011 08:50 AM
I have set the host pc's mtu to 1300 but no luck. I can access all website when I take off the tunnel but immediately I put it back, yahoo.com cisco.com starts timing out.
Any more help will be appreciated
10-25-2011 10:12 AM
But every other website you try works? If other websites work I feel like it's a fragmentation problem.
So you take encryption off the tunnel interface and yahoo and cisco work? Are you static routing? any chance to see the two configs?
10-26-2011 03:31 AM
Hi all,
Thanks for all your help. The problem is resolved. It was the mtu issue on the host pc. Initially I set the mtu on a different LAN interface card. I changed the correct the mtu on the correct interface and BINGO!, things yahoo, cisco and all others came. Thanks Newt Work for your help.
10-26-2011 05:10 AM
Joseph, I've already answered your question in VPN section. Why do you created another discussion?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: