Outlook Web Access Interfering with PDM

Unanswered Question
Aug 27th, 2008

Hi,

I have PIX 506E with OS 6.3(5). I have only one public IP address which I assigned to PIX Outside Interface. I also NATed this public IP address to the Mail server running Exchange Server 2003.

I discovered I could not access PDM anymore after NATing Mail server internal IP address to the PIX Outside IP address.

What can I do in a case like this where I have only one public IP address that should be used for PIX Outside Interface and Mail server?

See my config below.

name 192.168.16.1 Server

access-list outside_access_in permit tcp any host 217.x.x.237 eq https

access-list outside_access_in permit tcp any host 217.x.x.237 eq smtp

access-list outside_access_in permit tcp any host 217.x.x.237 eq www

ip address outside 217.x.x.237 255.255.255.248

ip address inside 192.168.16.254 255.255.255.0

static (inside,outside) tcp 217.x.x.237 www Server www netmask 255.255.255.255 0 0

static (inside,outside) tcp 217.x.x.237 https Server https netmask 255.255.255.255 0 0

static (inside,outside) tcp 217.x.x.237 smtp Server smtp netmask 255.255.255.255 0 0

access-group outside_access_in in interface outside

access-group inside_access_out in interface inside

When I disable PDM with "no http server enable" command OWA works. But when I re-enable PDM OWA stops working.

Any ideas on the reason for this?

Regards.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
a.ajiboye Wed, 08/27/2008 - 04:59

Thank you for your prompt response.

How do I configure for PDM connections on the "inside" interface?

Regards.

http server enable

http x.x.x.x y.y.y.y inside

x.x.x.x = inside IP subnet

y.y.y.y = subnet mask.

So for example

http 192.168.0.0 255.255.0.0 inside

Now if you have remote VPN configured - you will PDM from your VPN connection as long as the ip pool for the remote VPN is in the 192.168.0.0 - for example.

Or you could just RDPsession to an internal server, then run the PDM from that server.

HTH.

Actions

This Discussion