IPSEC HTTP/HTTPS on the end not reachable.....



  • Really Need Help;

    I have an IPsec tunnel up with a corporate company website publishing their service through the provided ipsec tunnel.

    both phases are up. am able to ping the remote sited but when ever i browse their website no response???

    Phase two as follows:

    IP 192.168.0.0/24
    NAT-T 172.31.31.10
    Remote: 172.20.100.225

    We changed the firewall to another brand and it is working with no issues.

    Hence: HTTPS HTTP are not working on the ipsec pf.

    Rules are allow all on all interfaces also the ipsec.

    What shall i do !!!!!



  • Play around with TCP MSS clamping. Start with a relatively safe, low value like 1350. If you use VTI, check your MTUs aswell.


Log in to reply