Thread Info
  • State Not Answered
  • Locked Locked
  • Replies 12 replies
  • Subscribers 1 subscriber
  • Views 3387 views
  • Users 0 members are here
Options
Suggested
This discussion has been locked.
You can no longer post new replies to this discussion. If you have a question you can start a new discussion

Cisco VPN: unable to browse

wingman
Hi All

I've just set up cisco VPN and I am able to connect to my home address. The vpn clients get an ip from the DHCP VPN cisco pool (10.242.5.0/24) . I am unable to connect to local resources or browse the internet. Cisco vpn client is allowed under the HTTP proxy, packet filter fules. I have no NAT /Mas in place at the moment for the vpn

I am however, getting the following on the pf:

2009:08:01-20:44:46 stuffman ulogd[3320]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" seq="0" initf="eth1" outitf="eth2" dstmac="00:b0:c2:02:e4:4f" srcmac="00:b0:c2:02:e3:c7" srcip="10.242.5.1" dstip="10.255.255.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="127" srcport="137" dstport="137" 
2009:08:01-20:45:00 stuffman ulogd[3320]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" seq="0" initf="eth1" outitf="eth2" dstmac="00:b0:c2:02:e4:4f" srcmac="00:b0:c2:02:e3:c7" srcip="10.242.5.1" dstip="10.255.255.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="127" srcport="137" dstport="137" 
2009:08:01-20:45:00 stuffman ulogd[3320]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" seq="0" initf="eth1" outitf="eth2" dstmac="00:b0:c2:02:e4:4f" srcmac="00:b0:c2:02:e3:c7" srcip="10.242.5.1" dstip="10.255.255.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="127" srcport="137" dstport="137" 
2009:08:01-20:45:01 stuffman ulogd[3320]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" seq="0" initf="eth1" outitf="eth2" dstmac="00:b0:c2:02:e4:4f" srcmac="00:b0:c2:02:e3:c7" srcip="10.242.5.1" dstip="10.255.255.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="127" srcport="137" dstport="137" 
2009:08:01-20:45:12 stuffman ulogd[3320]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" seq="0" initf="eth1" outitf="eth2" dstmac="00:b0:c2:02:e4:4f" srcmac="00:b0:c2:02:e3:c7" srcip="10.242.5.1" dstip="10.255.255.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="127" srcport="137" dstport="137" 
2009:08:01-20:45:12 stuffman ulogd[3320]: id="2001" severity="info" sys="SecureNet" sub="packetfilter" name="Packet dropped" action="drop" fwrule="60002" seq="0" initf="eth1" outitf="eth2" dstmac="00:b0:c2:02:e4:4f" srcmac="00:b0:c2:02:e3:c7" srcip="10.242.5.1" dstip="10.255.255.255" proto="17" length="78" tos="0x00" prec="0x00" ttl="127" srcport="137" dstport="137"



Could someone help?

Thanks


This thread was automatically locked due to age.
Parents
  • 0
    I am still unable to browse the net using vpn via my iphone. I can connect using L2TP VPN and the client has a proper ip. I've included the VPN Pool (L2TP) under the DNS,HTTP,IPS,user portal,web admin
    I have a pf in place to allow http access and there is a Masquerading rule in place as well (l2tp-->wan)

    I can see no traffic on the packet filter log/http/DNS  proxy :S (I am using 3G and the vpn is connected on my iphone)
    it can't even connect to astaro webadmin :S

    Iphone configuration
    -------------------
    Ip:10.242.3.2
    connected to 10.242.3.1

    It seems like a routing issue.


    I know that using Cisco™ VPN Client you can specify Any under the local network and that will do the trick. How about L2TP though?
    Any ideas?
    logfiles_20090826211403.zip
Reply
  • 0
    I am still unable to browse the net using vpn via my iphone. I can connect using L2TP VPN and the client has a proper ip. I've included the VPN Pool (L2TP) under the DNS,HTTP,IPS,user portal,web admin
    I have a pf in place to allow http access and there is a Masquerading rule in place as well (l2tp-->wan)

    I can see no traffic on the packet filter log/http/DNS  proxy :S (I am using 3G and the vpn is connected on my iphone)
    it can't even connect to astaro webadmin :S

    Iphone configuration
    -------------------
    Ip:10.242.3.2
    connected to 10.242.3.1

    It seems like a routing issue.


    I know that using Cisco™ VPN Client you can specify Any under the local network and that will do the trick. How about L2TP though?
    Any ideas?
    logfiles_20090826211403.zip
Children
No Data