Having the same issue as this question: https://supportforums.cisco.com/discussion/11001836/site-site-ipsec-vpn-problem-while-access-http-traffic
Using a 5506 set up with an EasyVPN site to site tunnel. I'm guessing it's an issue with something on the inspect protocol list but nothing is jumping out at me. Here's my inspect list:
policy-map type inspect dns preset_dns_map parameters message-length maximum client auto message-length maximum 512policy-map global_policy class inspection_default inspect dns preset_dns_map inspect ftp inspect h323 h225 inspect h323 ras inspect rsh inspect rtsp inspect sqlnet inspect skinny inspect sunrpc inspect xdmcp inspect sip inspect netbios inspect tftp inspect ip-options
Any comments are appreciated.
Can you share the packet tracer for the concerned traffic ( use port 80/443 for the destination) ?
Also can you check the DNS settings of the clients who are trying to access these services ?
Please rate helpful posts and mark correct answers.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: