I have a DMZ setup behind a PIX515-E that cannot view web pages on devices that are managed on the outside interface of the firewall. The clients can communicate with the PLC's with no problem, except when the web interface on the PLC's is requested. I tested with my notebook on the outside and inside of the PIX. I get the same problem on the inside that the client systems have, but the pages come up fine on the outside. I have researched this to find out what I can do and have found nothing that will help. I can pull up a web page running on IIS from the inside with no problem. All of the PLC's have rules setup to allow IP, UDP and TCP with destination and service set to any for each. No syslog messages show up when the clients try to access the outside web pages. Any suggestions will be much appreciated.
You may need to try increasing the dns default bytes length in pix, 512 is the default size, increase it to 1024 and see if it makes any difference. I have seen similar issues which increasing it has resolved it.
pix(config)#fixup protocol dns maximum-length 1024