I have a UC540 that is set up to get a DHCP IP address from a public netblock on my network.
We also have a SR520 that is going to be deployed at a remote office once I get it fully configured.
The UC540 is set up as a EZVPN server
The SR520 is set up as a EZVPN client.
Everything works great with both units firewalls disabled.
When I use CCA to turn on the firewall to any setting (low, med, high), correctly setting up the inside and outside interfaces, wierd things start to happen.
All comms accross the tunnel work as normal.
The problem is that certain web sites won't load.
Yahoo loads great, google won't load for example.
The problem seems to be sites that possible have a redirect involved in loading the site, but thats just a guess.
Anybody else seen this problem?
It's frusterating because I'm trying really hard to use CCA for all the configuration. I could build a ACL based firewall easy enough using the CLI, but its my understanding that we're spupoused to use CCA.