Hello,
I'm hoping for some direction in troubleshooting a change to our network. The problem is that users VPN'd into a Cisco ASA 5510 firewall are unable to access internal website even though I can ping, traceroute, RDC, etc. into the same servers.
This use to work and I've been unsuccessful in figuring out what changed.
I would like direction on how to track this down.
The systems have been installed for years (literally) and worked up and till the middle of June. Something obviously changed in June as now no user that is connected via a VPN (typical Cisco IPSEC tunnel) is able to access internal servers via http:// .......
For example:
I can ping, traceroute and access file shares on server 10.143.6.10 but I cannot access http:/
It appears my whole server subnet (10.143.6.0/24) doesn't work for "http" when it did a little over a month ago and it still works for other types of connections (ping, traceroute, RDC, etc.)
How should I go about troubleshooting this? I'm guessing it must be a ASA config change, but comparing the conf from 2012 and from today doesn't point out any discrepancies. (UPDATE: I'm not so sure that it is an ASA issue any more, but I don't know how to check. Packet trace on the ASA comes back fine.)
(I was concerned about dropping in a whole ASA config from a year ago.)
To summarize all works great while at internal ip address of 10.143.1.50, but if I'm given the same address of 10.143.1.50 while on the VPN (dhcp is same for both) I cannot access port 80 while on the VPN.
This is not a DNS issue as I'm using IP address to remove the DNS as being a problem.
Any thoughts direction on how to start tracking this down?
Thank you.