11-20-2007 05:22 AM - edited 03-11-2019 04:33 AM
I have set up a SSL concentrator on my internal network with a fixed ip address, this device is accessed using https. It works fine on our internal network. Then on my PIX 506e I have configured a static route from the external ip address to the internal address and then an access rule to allow https traffic to the external address. When I go to https://external ip, I am not able to connect to the network device. Any ideas what I am doing wrong? See below for relevant config:
access-list outside_access_in permit tcp any host xxx.xxx.xxx.236 eq https
static (intf2,outside) xxx.xxx.xxx.236 SSL netmask 255.255.255.255 0 0
Everything has been configured via the GUI and saved to flash.
11-20-2007 06:13 AM
Try...
access-list outside_access_in permit tcp any host xxx.xxx.xxx.236 eq https
access-group outside_access_in in interface outside
static (intf2,outside) tcp xxx.xxx.xxx.236 https
save with: write mem
And also issue: clear xlate
Hope it helps, pls rate posts if it does.
11-21-2007 03:28 PM
Thanks for your help. I have made the changes, but still no luck. I cannot connect to the device externally via telnet, ping or https.
Any other suggestions, I am using a PIX 506e with PIX version 6.3(4).
Cheers
Andy
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide