Problem with Port Redirection for Port 80

Unanswered Question
Jan 9th, 2008

Hi all,

Lets look my configuration:

static(inside,outside) tcp www www netmask

static (inside,outside) tcp smtp smtp netmask

access-list out_in permit tcp any host eq www

access-list out_in permit tcp any host eq smtp

access-list out_in applied on outside interface.

Port redirection is working well for SMTP traffic but not working for WWW.

When i check show connection, it shows me that traffic of port 80 reached to my PIX with flags SaAB.

Any help will be highly appreciated.


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
srue Wed, 01/09/2008 - 10:08

what is the output of show xlate?

also, isn't the IP of the outside interface, is it?

zenab_ahmed Sat, 01/12/2008 - 04:03

Yes is not the outside interface, its our MX record.

Show conn lport 80

TCP out x.y.z:1234 in flags SaAB

r.sneekes Mon, 01/14/2008 - 07:53

SaAb Means a Syn has been sent but the firewall is waiting for an ack.

In other words there is no return traffic passing thru the firewall. Maybe there's not an active webserver or the packet is beeing droppped between the firewall and webserver.

If the server is in an directly connected network thats unlikely tho.

Make sure there is a active web server on that is active on port 80, and has the correct ip configuration.

zenab_ahmed Mon, 01/14/2008 - 10:22

Thanks for your suggestion.

My web server is active, I can access from inside network.

I feel there is some routing issues for not reaching back to the firewall.



This Discussion