Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
457
Views
0
Helpful
2
Replies

Cannot connect to internal network device using https with PIX 506e

theplace
Level 1
Level 1

‎11-20-2007 05:22 AM - edited ‎03-11-2019 04:33 AM

I have set up a SSL concentrator on my internal network with a fixed ip address, this device is accessed using https. It works fine on our internal network. Then on my PIX 506e I have configured a static route from the external ip address to the internal address and then an access rule to allow https traffic to the external address. When I go to https://external ip, I am not able to connect to the network device. Any ideas what I am doing wrong? See below for relevant config:

access-list outside_access_in permit tcp any host xxx.xxx.xxx.236 eq https

static (intf2,outside) xxx.xxx.xxx.236 SSL netmask 255.255.255.255 0 0

Everything has been configured via the GUI and saved to flash.

Labels:
0 Helpful
2 Replies 2

jmia
Level 7
Level 7

‎11-20-2007 06:13 AM

Try...

access-list outside_access_in permit tcp any host xxx.xxx.xxx.236 eq https

access-group outside_access_in in interface outside

static (intf2,outside) tcp xxx.xxx.xxx.236 https https netmask 255.255.255.255 0 0

save with: write mem

And also issue: clear xlate

Hope it helps, pls rate posts if it does.

0 Helpful

theplace
Level 1
Level 1
In response to jmia

‎11-21-2007 03:28 PM

Thanks for your help. I have made the changes, but still no luck. I cannot connect to the device externally via telnet, ping or https.

Any other suggestions, I am using a PIX 506e with PIX version 6.3(4).

Cheers

Andy

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card