Hi, I have an 891 router setup to support 4 VLANS with 4 DHCP pools. I'm having great difficulty getting full internet access on the 3 VLANS that users will be connected to.
I have attached the full config.
Currently, anyone connected to VLAN 2 to 4 can ping external IPs, resolve names using DIG/NSLOOKUP. But when they try to browse to a website, it times out. After days and days of testing and rewriting configs and even resorting to using the CCP program, it seems that often, sites that are served over HTTPS are accessible. Very very few sites are viewable over HTTP.
- Is the FW policy inspecing HTTP traffic incorrectly?
- Is the NAT setup correct? I have tried various methods all with the same result.
- Can I debug something that might help? If so can you tell me what to debug.
Any thoughts, or possible sollutions will be welcomed, even if it's a bit crazy. I've utterly exhausted my knowledge of Cisco now and need help
Thanks a lot,
Solved! Go to Solution.
Mate! That seems to have worked perfectly!!
Can you please quickly explain what that does and is it ok to use it in there with the MTU setting?
Thanks so much,
Take a look at the usage guideline with explanation in this link:
When a host (usually a PC) initiates a TCP session with a server, it negotiates the IP segment size by using the MSS option field in the TCP SYN packet. The value of the MSS field is determined by the maximum transmission unit (MTU) configuration on the host. The default MSS value for a PC is 1500 bytes.