0. you are using GRE tunnel
1. you can ping google.com
2. you can not browse google.com
this mostly like the MTU issue
fix:
interface LAN-INTERFACE
ip mtu 1435
ip tcp adjust-mss 1385
ip policy route-map CLEAR-DF
route-map CLEAR-DF permit 10
set ip df 0
http://www.cisco.com/en/US/tech/tk827/tk369/technologies_tech_note09186a0080093f1f.shtml
Resolve IP Fragmentation, MTU, MSS, and PMTUD Issues with GRE and IPSEC
No comments:
Post a Comment