Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1802
Views
0
Helpful
6
Replies

PROBLEM WITH CISCO VPN CLIENT

veltech
Level 1
Level 1

‎09-16-2013 01:29 PM

Hi All,

Thought this would be an interesting topic to post to see if anyone else has experienced the same issue when using Cisco VPN client. The client is set up for hairpinning out of the head office firewall so that ACL controls can be applied to users in the group.

PROBLEM

When we start up VPN client on a windows 7 machine that terminates on an ASA, we can only get to the internet using Firefox. Chrome and MS IE will not open web pages. Our initial thought was that this was down to a simple DNS issue, but then quickly ruled this out as Firefox works seamlessly. There is some talk on various forums about doing a wind back on the versions of Chrome and IE but not sure if this is the problem.

TROUBLE SHOOTING SO FAR

All VPN outputs look normal and sh crypto ipsec sa is all good. We have played around with add ons and extensions in chrome but still can not open anything in either Chrome or IE.

Has anyone had this issue? and if so what was the cause and remedy....

Regards,

Labels:
0 Helpful
6 Replies 6

malshbou
Level 1
Level 1

‎09-17-2013 12:38 AM

Hi,

I would take Wireshark captures to trace the DNS resolutions and HTTP requests coming from IE  and Firefox. Then we will compare both.

------------------
Mashal Shboul

------------------ Mashal Shboul
0 Helpful

veltech
Level 1
Level 1
In response to malshbou

‎09-17-2013 02:01 PM

Hi Mashal,

We have taken Wireshark captures for all scenarios and they look normal. All domain names are getting resolved and can be seen in Wireshark. The problem still persists in that we can't open anything in Chrome or IE, but Firefox still works fine. We are going to configure an XP machine and see if we get the same issue. There have been a lot of Windows 7 updates recently and one of them may have caused this issue.

Any other ideas.

Thanks.

0 Helpful

rickacs001
Level 1
Level 1
In response to veltech

‎09-17-2013 02:23 PM

Check to make sure you are not pushing out invalid Proxy settings under your Group Policy section.

0 Helpful

veltech
Level 1
Level 1
In response to rickacs001

‎09-17-2013 02:36 PM

All policies seem OK and work fine with Firefox. Could you expand on any config specifically that you feel maybe causing this and we will take a look.

Thanks.

Sent from Cisco Technical Support iPad App

0 Helpful

rickacs001
Level 1
Level 1
In response to veltech

‎09-17-2013 02:46 PM

Chrome uses IE's proxy settings.  If you look under Configuration> Remote Access VPN> Network (Client) Access>Group Policies>Edit the Policy you are using>Advanced>Browser Proxy.  These are the settings that can be pushed down to your user.

If you click on the help for that page, it lists: "This dialog box configures attributes for Microsoft Internet Explorer."  Which explains why it doesn't affect Firefox.

0 Helpful

veltech
Level 1
Level 1
In response to rickacs001

‎09-19-2013 12:34 PM

Hi,

We have now tested this on an XP machine and Chrome, IE and of course Firefox all work fine. It would appear that this problem must therefore be a Windows 7 issue, particularly as there have been a lot of updates recently. We have another machine that will not work with Silverlight and all this has happened in the last week or so since all the updates.

rickacs001 - Do you think this might still be a config problem?

Thanks,

0 Helpful
Customers Also Viewed These Support Documents