Networking: pc----USG2110----internet. Users can ping public network gateway and local DNS, but cannot open the web page.
1. Guide the user to change the DNS address for the correct address, the problem is solved.
1. Landing equipment inspects packet filtering rules and NAT configuration, they are correct. Eliminate configuration problem.
2. From the equipment can ping DNS public network gateway, eliminate network reason.
3. Because users PC cannot ping and remote login, doubt it is caused by mtu, try to change the mtu value of the internal network interface, has no effect.
4. Check session table, check the NAT translation, found the problem. User NAT translation is no problem, but found a large number of DNS requests, but target address is the private network address.
[jiangujiang]dis firewall session table
1. When meeting the situation that users can’t access to the Internet, can check session table, check whether the NAT translation has problem and the user DNS requesting address is correct.