09-16-2013 01:29 PM
Hi All,
Thought this would be an interesting topic to post to see if anyone else has experienced the same issue when using Cisco VPN client. The client is set up for hairpinning out of the head office firewall so that ACL controls can be applied to users in the group.
PROBLEM
When we start up VPN client on a windows 7 machine that terminates on an ASA, we can only get to the internet using Firefox. Chrome and MS IE will not open web pages. Our initial thought was that this was down to a simple DNS issue, but then quickly ruled this out as Firefox works seamlessly. There is some talk on various forums about doing a wind back on the versions of Chrome and IE but not sure if this is the problem.
TROUBLE SHOOTING SO FAR
All VPN outputs look normal and sh crypto ipsec sa is all good. We have played around with add ons and extensions in chrome but still can not open anything in either Chrome or IE.
Has anyone had this issue? and if so what was the cause and remedy....
Regards,
09-17-2013 12:38 AM
Hi,
I would take Wireshark captures to trace the DNS resolutions and HTTP requests coming from IE and Firefox. Then we will compare both.
------------------
Mashal Shboul
09-17-2013 02:01 PM
Hi Mashal,
We have taken Wireshark captures for all scenarios and they look normal. All domain names are getting resolved and can be seen in Wireshark. The problem still persists in that we can't open anything in Chrome or IE, but Firefox still works fine. We are going to configure an XP machine and see if we get the same issue. There have been a lot of Windows 7 updates recently and one of them may have caused this issue.
Any other ideas.
Thanks.
09-17-2013 02:23 PM
Check to make sure you are not pushing out invalid Proxy settings under your Group Policy section.
09-17-2013 02:36 PM
All policies seem OK and work fine with Firefox. Could you expand on any config specifically that you feel maybe causing this and we will take a look.
Thanks.
Sent from Cisco Technical Support iPad App
09-17-2013 02:46 PM
Chrome uses IE's proxy settings. If you look under Configuration> Remote Access VPN> Network (Client) Access>Group Policies>Edit the Policy you are using>Advanced>Browser Proxy. These are the settings that can be pushed down to your user.
If you click on the help for that page, it lists: "This dialog box configures attributes for Microsoft Internet Explorer." Which explains why it doesn't affect Firefox.
09-19-2013 12:34 PM
Hi,
We have now tested this on an XP machine and Chrome, IE and of course Firefox all work fine. It would appear that this problem must therefore be a Windows 7 issue, particularly as there have been a lot of updates recently. We have another machine that will not work with Silverlight and all this has happened in the last week or so since all the updates.
rickacs001 - Do you think this might still be a config problem?
Thanks,
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide