Ipsec site to site problem web server

runaway19

I have a tunnel ipsec, where the remote network needs access to a web server, I can verify the rules and I made a telnet from the remote local network to the web server responds but entering by browser (chrome, mozilla, etc) don't respond.

This is my version firewall 2.3.4-RELEASE (amd64)
FreeBSD 10.3-RELEASE-p19

Any ideas?

viragomann

@runaway19 said in Ipsec site to site problem web server:

but entering by browser (chrome, mozilla, etc) don't respond.

By the web servers public host name?
You have to add a DNS override on the remote site for this host name, pointing to its local IP address.

runaway19

@viragomann said in Ipsec site to site problem web server:

By the web servers public host name?
You have to add a DNS override on the remote site for this host name, pointing to its local IP address.

Thanks for your answer. The web server network is internal, not public.

runaway19

nobody knows?

Konstanti

@runaway19

Hey
try reducing the MSS value

VPN/IPsec/Advanced Settings

for example

runaway19

Apply that change and the problem still persists.

Konstanti

@runaway19
Try to start tcpdump during the connection and show what is happening at this moment

viragomann

@runaway19 said in Ipsec site to site problem web server:

The web server network is internal, not public.

My question was, how do you try to access it?
By its public hostname or by its public IP or by its internal hostname or IP?