Server in DMZ

Unanswered Question
Oct 5th, 2009
User Badges:

1811 / 12.4(6)T11


I just got 1811, and I am in trouble to set up a simple web server with this router.


Most likely, I do not understand the basic concept, but if anybody can give me a hint, that would be appreciated.


I have 12 global IP addresses, one is used for FE0. I created VLAN5 on port 5 with 192.168.5.1 private IP.


I connected a web server, which has a static global IP from our 12 block and proper gateway and DNS.


I can see the webpage from the other host computers in DMZ, but not from outside our network or not from the other VLANs on this router.


I thought anything under DMZ has no restriction to access Internet. From the server in DMZ, I cannot connect Internet.


When I ran the Advanced Firewall wizard I chose the server's IP with WWW service.


I think I am missing something, but I cannot think about.


Could you please help me to find out where I should check?


Thank you very much.


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (2 ratings)
Loading.
Jon Marshall Mon, 10/05/2009 - 11:42
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Can you post your current config ?


Jon

ttanemori Mon, 10/05/2009 - 11:52
User Badges:

Thank you very much for your reply. I have realized that how much I do NOT know about this router or networking itself by your question....


How can I retrieve configuration information? I can access SDM, but that is all I can do. I saw that somebody printed a configuration from the router and compared the setting with mine.


Do I have to use a command line to see my configuration?

alaeldien Tue, 10/06/2009 - 20:44
User Badges:

take it easy this i can help you in it


to print you router configuration log into the router through CLI

issue the command to print your config


Router # show running-config

hit return to scroll down till the end of configuration


copy and paste it in text editor


and your case is probably of missed route in your config .



ttanemori Wed, 10/07/2009 - 11:11
User Badges:

Thank you very much for your reply. To make a long story short, I could finally connect to the router through CLI. I had had no idea about it.


Here is a copy of result. I have replaced a part of glotal IP addresses with xxx.xxx. We received 15 static IP addresses.


I am sorry to bother you with this, I really appreciate if you can give me any advices through this result.


Thank you very much.


----------------------------




Attachment: 
Giuseppe Larosa Wed, 10/07/2009 - 12:04
User Badges:
  • Super Silver, 17500 points or more
  • Hall of Fame,

    Founding Member

Hello Tom,

unfortunately this config is not complete, they are just the last N lines.

This may depend from settings of the telnet client you have used.

if it is an OS shell it has a limit on lines of buffer


you can use a freeware telnet/SSH client like putty


http://www.chiark.greenend.org.uk/~sgtatham/putty/download.html


this will allow you to log = to write in a text file all what appears in the telnet window.


after having opened the session to the router


just use Change Properties -> Logging


choice a file name and a DIR with browse


select log printable output only


then apply


do again the commands suggested by Alaa.


at the end of sh run go back to

Change properties -> Logging

select Logging turned off

apply


you should have a txt file with the name you have specified in the DIR you have chosen or in putty DIR.


that will be complete and you will be able to post it here.


Hope to help

Giuseppe





These lines provide NAT statements and all the Access-lists but we cannot see how they are used.


ttanemori Wed, 10/07/2009 - 13:06
User Badges:

Thank you very much for introducing a nice software. I am not sure if I did correct, but here is what I got.


Thank you very much.



Attachment: 

Actions

This Discussion