Split Tunnel Blocks http through tunnel but passes http around tunnel

Discussion in 'Cisco' started by a.nonny mouse, Sep 16, 2004.

  1. I've created a tunnel between two offices using a 501 and 506e. All
    functions of the firewall work normally. I can get on the Internet, pass
    E-mail, telnet, ftp etc. However I cannot get to a private Extranet behind
    the 506e. I can ping, ftp and e-mail but http traffic does not get through.
    In the web browser I get "Web site found, waiting on host" in the status bar
    but nothing else.

    Any thoughts on where to start looking?
     
    a.nonny mouse, Sep 16, 2004
    #1
    1. Advertising

  2. a.nonny mouse

    Scooby Guest

    "a.nonny mouse" <> wrote in message
    news:C2j2d.165812$%...
    > I've created a tunnel between two offices using a 501 and 506e. All
    > functions of the firewall work normally. I can get on the Internet, pass
    > E-mail, telnet, ftp etc. However I cannot get to a private Extranet

    behind
    > the 506e. I can ping, ftp and e-mail but http traffic does not get

    through.
    > In the web browser I get "Web site found, waiting on host" in the status

    bar
    > but nothing else.
    >
    > Any thoughts on where to start looking?
    >
    >


    How are you defining what goes through the tunnel. Have you set a list of
    'interesting traffic'? What does that look like?
     
    Scooby, Sep 16, 2004
    #2
    1. Advertising

  3. a.nonny mouse

    Rob Guest

    "a.nonny mouse" <> wrote in message news:<C2j2d.165812$%>...
    > I've created a tunnel between two offices using a 501 and 506e. All
    > functions of the firewall work normally. I can get on the Internet, pass
    > E-mail, telnet, ftp etc. However I cannot get to a private Extranet behind
    > the 506e. I can ping, ftp and e-mail but http traffic does not get through.
    > In the web browser I get "Web site found, waiting on host" in the status bar
    > but nothing else.
    >
    > Any thoughts on where to start looking?


    Make sure as said that your acls are checking the correct traffic then
    try reducing the tcp packet size on your ethernet interfaces on both
    sides.
    try first with "ip tcp adjust-mss 1380".
    The max i think is 1480 but you will find a level that will work in
    your setup.
    Let me know!
     
    Rob, Sep 19, 2004
    #3
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. Mephesto
    Replies:
    0
    Views:
    1,216
    Mephesto
    Jun 24, 2005
  2. Arjan
    Replies:
    0
    Views:
    925
    Arjan
    Nov 2, 2005
  3. rambur
    Replies:
    5
    Views:
    633
    rambur
    Apr 25, 2007
  4. Dumbell

    a split is not a split

    Dumbell, Mar 9, 2009, in forum: Computer Support
    Replies:
    3
    Views:
    635
    Keyser Söze
    Mar 9, 2009
  5. milan_9211

    HTTP SOAP/HTTP GET/HTTP POST

    milan_9211, Jan 10, 2011, in forum: Software
    Replies:
    0
    Views:
    3,184
    milan_9211
    Jan 10, 2011
Loading...

Share This Page