Server in DMZ

Unanswered Question
Oct 5th, 2009

1811 / 12.4(6)T11

I just got 1811, and I am in trouble to set up a simple web server with this router.

Most likely, I do not understand the basic concept, but if anybody can give me a hint, that would be appreciated.

I have 12 global IP addresses, one is used for FE0. I created VLAN5 on port 5 with 192.168.5.1 private IP.

I connected a web server, which has a static global IP from our 12 block and proper gateway and DNS.

I can see the webpage from the other host computers in DMZ, but not from outside our network or not from the other VLANs on this router.

I thought anything under DMZ has no restriction to access Internet. From the server in DMZ, I cannot connect Internet.

When I ran the Advanced Firewall wizard I chose the server's IP with WWW service.

I think I am missing something, but I cannot think about.

Could you please help me to find out where I should check?

Thank you very much.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
ttanemori Mon, 10/05/2009 - 11:52

Thank you very much for your reply. I have realized that how much I do NOT know about this router or networking itself by your question....

How can I retrieve configuration information? I can access SDM, but that is all I can do. I saw that somebody printed a configuration from the router and compared the setting with mine.

Do I have to use a command line to see my configuration?

alaeldien Tue, 10/06/2009 - 20:44

take it easy this i can help you in it

to print you router configuration log into the router through CLI

issue the command to print your config

Router # show running-config

hit return to scroll down till the end of configuration

copy and paste it in text editor

and your case is probably of missed route in your config .

ttanemori Wed, 10/07/2009 - 11:11

Thank you very much for your reply. To make a long story short, I could finally connect to the router through CLI. I had had no idea about it.

Here is a copy of result. I have replaced a part of glotal IP addresses with xxx.xxx. We received 15 static IP addresses.

I am sorry to bother you with this, I really appreciate if you can give me any advices through this result.

Thank you very much.

----------------------------

Attachment: 
Giuseppe Larosa Wed, 10/07/2009 - 12:04

Hello Tom,

unfortunately this config is not complete, they are just the last N lines.

This may depend from settings of the telnet client you have used.

if it is an OS shell it has a limit on lines of buffer

you can use a freeware telnet/SSH client like putty

http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html

this will allow you to log = to write in a text file all what appears in the telnet window.

after having opened the session to the router

just use Change Properties -> Logging

choice a file name and a DIR with browse

select log printable output only

then apply

do again the commands suggested by Alaa.

at the end of sh run go back to

Change properties -> Logging

select Logging turned off

apply

you should have a txt file with the name you have specified in the DIR you have chosen or in putty DIR.

that will be complete and you will be able to post it here.

Hope to help

Giuseppe

These lines provide NAT statements and all the Access-lists but we cannot see how they are used.

ttanemori Wed, 10/07/2009 - 13:06

Thank you very much for introducing a nice software. I am not sure if I did correct, but here is what I got.

Thank you very much.

Attachment: 

Actions

This Discussion