Web publishing behind 501

Unanswered Question
May 1st, 2008
User Badges:

I have a network currently using ISA 2004. I want to move them to PIX. The only problem are two servers. One server runs a site called www.mydomain.com. The other site (hosted on an Exchange server) server.mydomain.com. As far as the outside world is concerned, all of the traffic for mydomain.com goes to the ISA (198.88.238.x). Once it hits the ISA it looks at the header and determines which inside server to send it to. So - my question is, can this be replicated on a PIX 501? I tried doing a translation rule but it didn't seem to do what I wanted. To make a long story short, when traffic for www.mydomain.com hits the PIX I need it to go to server A. When traffic for server.mydomain.com hits the PIX I need it to go to server B.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Patrick Laidlaw Fri, 05/02/2008 - 17:15
User Badges:
  • Gold, 750 points or more

Hello,


Unfortunatly an ASA/pix is not a reverse proxy box and does not have the ability to look into header information to do advanced decisions on http traffic routing.


The most you could hope for is to map those domain names to different public ip address's and then statically nat them through the pix to the private ip for that url.

brownr0127 Sat, 05/03/2008 - 08:26
User Badges:

I was afraid of that. I wish we had the public IP's. Can you recommend a Cisco product that might accomplish this along with being a firewall?

Actions

This Discussion