Hot!clients unable to browse internet at remote site.

Author
cwb2205
New Member
  • Total Posts : 19
  • Scores: 0
  • Reward points: 0
  • Joined: 2019/07/01 17:15:39
  • Status: offline
2019/09/16 01:36:58 (permalink)
0

clients unable to browse internet at remote site.

Ran into a strange issue today where clients connecting to the wifi at a remote building were unable to browse the internet but the wifi says there is internet, The clients can resolve names through nslookup they can ping wubsites but can not browse (connection times out)
 
The set up is a bit strange but here it is.
Remote site has a cisco switch, it has a trunk port to the fortigate, that port is assigned to a software switch. 
There is a site to site vpn configured with vxlan encapsulation and that vpn is in the software switch too.
In the main campus there is the same basically vpn and a port in a software switch and the port trunked to the core network. 
 
There seems to be good connectivity as the APs in the remote site can connect to the wifi controller in the campus and the building access system also talks back to the servers.
 
I just can't work out why if the client can resolve dns and ping and traceroute to website that it can no browse. I have checked all logs and there is nothing blocking the traffic. I have also tried statically assigning a dns server on the client.
 
Any ideas would be appreciated.
#1

1 Reply Related Threads

    cwb2205
    New Member
    • Total Posts : 19
    • Scores: 0
    • Reward points: 0
    • Joined: 2019/07/01 17:15:39
    • Status: offline
    Re: clients unable to browse internet at remote site. 2019/09/17 01:14:44 (permalink)
    0
    I've boiled it down to an MTU setting but having some issue finding the solution. I have set the internet sub interface to mtu-1492 and I have set the software switch tcp-mss to 1390 to allow for overheads
    still no joy. 
    #2
    Jump to:
    © 2020 APG vNext Commercial Version 5.5