07-27-2009 10:14 PM - edited 02-21-2020 04:18 PM
Hi all!
I'm trying to construct the following scheme for the users. Some of them went to the Internet directly from the device through NAT, some access to the Internet via a device located at the other end of the gre-ipsec tunnel. But here the problem occurs. Almost all sites are not opened (except Google), though I can perform ping and traceroute to them (of course, through vpn). I thought that the problem may be in cipher and I tried to delete the IPSEC, leaving only the GRE tunnel. But the problem is not solved.
What could be the problem?
Thank you!
07-28-2009 02:28 AM
have you tried reducing mtu size of hosts using gre tunnel? - had similar issue with a gre tunnel and hosts unable to access some websites. this document explains reasons why:
http://www.cisco.com/en/US/tech/tk827/tk369/technologies_tech_note09186a0080093f1f.shtml
hth
andy
07-28-2009 02:59 AM
Andy, thanks a lot!
This is a solution!
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide