Internet Explorer 11- This Page Can Not be Displayed

We have several remote users who are unable to access websites such as Yahoo, Google, MSN.com. What I can offer is our organization  uses Cisco AnyConnect VPN for our remote users to access company information. When users are connected to VPN, they can access the sites listed above. We have users who are able to access the sites without making a VPN connection. Users who are unable to access the sites receive the message below in the IE11 Browser:

Turn on TLS 1.0, TLS 1.1, and TLS 1.2 in Advanced settings and try connecting to https://www.yahoo.com  again. If this error persists, it is possible that this site uses an unsupported protocol or cipher suite such as RC4 (link for the details), which is not considered secure. Please contact your site administrator.

We also deploy WSUS updates monthly to all workstations. I've applied the recommendations above and found no success. Any recommendations anyone can suggest are welcome. I appreciate your feedback in advance.
LVL 1
dlmyersdtaAsked:
Who is Participating?
 
dlmyersdtaConnect With a Mentor Author Commented:
Hello Maclean and John,

I wanted to provide you both with an update. The issue has been resolved. I deal some more research and I had to adjust the properties as it related to the access point for the users. I unchecked the Internet Protocol Version 6 (TCP/Ipv6) and left the Internet Protocol Version 4(TCP/IPv4) checked and found success navigating to the sites (yahoo and Google). What makes this unique is that I will have to apply this to each of the access points the users connects to under Network and Sharing Center for the sites to function properly. I appreciate everyone's assistance with this post.

Many Thanks,
0
 
John HurstBusiness Consultant (Owner)Commented:
For one remote user, start a LogMeIn or other remote access session not using VPN, start an admin command prompt and run TCP/IP Reset and DNS Flush.

      
Open cmd.exe with Run as Administrator
Then  netsh int ip reset c:\resetlog.txt
Also, ipconfig /flushdns followed by net stop dnscache followed by net start dnscache
Then restart the computer

Have them exit, shut down, start up and test. See if that fixes the non-VPN connection and then try the same computer over VPN. Any change?
1
 
dlmyersdtaAuthor Commented:
Hi John,

I applied the steps you provided above and still receive the same message after a restart and launch of the IE 11 browser.
0
Free Tool: IP Lookup

Get more info about an IP address or domain name, such as organization, abuse contacts and geolocation.

One of a set of tools we are providing to everyone as a way of saying thank you for being a part of the community.

 
John HurstBusiness Consultant (Owner)Commented:
Try a new, test, Windows User Profile (Account). Log into the new Windows Account and test IE 11 in the new account. You could have a Windows Profile error.
1
 
MacleanSystem EngineerCommented:
Is a proxy set via GPO.
If yes, this will be your issue, you need to remove the proxy when at home.
A better way is to have a transparent proxy configured, or set proxy on DHCP login to domain, so when at home, it does not apply.
1
 
dlmyersdtaAuthor Commented:
Maclean, I'm thinking it may be something with the GPO or with Cisco Web Security. The user is able to access some sites, but not others. How do you remove a proxy when at home?

John, I did test out another profile and still run into the same message in IE with, "The Page Can Not Be displayed".
0
 
John HurstBusiness Consultant (Owner)Commented:
Go to Tools, Internet Options, Connections, click on LAN and uncheck Proxy. Make sure Automatic is ON but the script setting below is OFF.
1
 
dlmyersdtaAuthor Commented:
Hi John,

I gave this a try and found no success. I connected to VPN and found success connection. I'm thinking we may have to make some adjustments to our firewall by allowing the sites or checking the settings for the bindings for the IIS site. From what I read online if it's a single IP address, it should be changed to allow All Assigned. Do you feel this may help with reaching a resolution?
0
 
MacleanSystem EngineerCommented:
So to get things straight.
When a user takes his work laptop home, and connects to his/her personal internet at home, they cannot access websites including Yahoo.com
As soon as they connect to VPN, they can access these sites.
Have you asked users to test by:

-Turn of firewall on laptop
-Try another browser

My area's of interest would be:

-Any web filtering by Anti-Virus (Check configurations)
-Firewall Rules
-Group Policies regarding firewall and or browser behavior
-Host file amendments
-Proxy

However as I do not have any insight into how these are configured, or what the products are, you would need to check on your end if any of the settings are configured to not allow particular types of browsing.
I am assuming that if a user grabs his/her personal computer or Smart Phone/Device and browses, there are no issues.
1
 
John HurstBusiness Consultant (Owner)Commented:
I connected to VPN and found success connection. ... From what I read online if it's a single IP address, it should be changed to allow All Assigned  <-- VPN should allow a subnet on the office end and single IP on the remote client application
1
 
dlmyersdtaAuthor Commented:
Maclean,

That would be correct, when the user has their notebook at home and tries to access sites (Yahoo, Google) they receive the message, "The page can not be displayed". What is strange is they are able to access other sites such as MSN, etc., but it's just particular sites that are no accessible when not connected to VPN. We currently just use IE in our environment, but I will try the steps you recommended and let you know my findings.  That would be also correct with the user utilizing their personal computer or smart phone device and finding success connecting to sites.

John,

I will look into this on our end and let you know if we have these settings applied in our environment for our remote users.
0
 
MacleanSystem EngineerCommented:
Thanks for the update. That makes sense.
There is actually a Microsoft Fixit to prefer IPv4 over IPv6. Disabling IPv6 on the NIC direct is so called "Bad practice"  so perhaps turn it on, and run the hotfix to prefer IPv4, or the hotfix to properly disable IPv6

I was aware of this issue, but did not link the symptoms, and might not have linked them till you mentioned it. Its pretty rare. So good spotting. I would suggest you close the call marking your own answer as solution.
1
 
dlmyersdtaAuthor Commented:
Applying steps from the last post solved my issue.
0
All Courses

From novice to tech pro — start learning today.