SA 520 Wan Issue

Unanswered Question
Jan 15th, 2010

Hello,

I am trying to figure this out, but for the life of me I can't seem to find the setting that does what I need.

My setup is as follows:

Modem -> SA 520 -> DMZ -> Web Server

                     |

                 Switch -> Computer

Everytime I try to go to my website from my computer, lets call it hny.com, it routes back to my WAN IP address which in turn brings up the admin page for the SA 520. The only way I got it to work correctly was by adding 2 lines for the host file (for www and without) and it points to the DMZ address. I got it to work with my last firewall, but for some reason I can't get it to work with this one...

Does anyone know a way to either change the DNS, or some setting that will stop the admin page from coming up? Please!

Its 1:30 AM right now EST, and the keyboard is getting closer and closer to my head

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Ganesh Hariharan Sat, 01/16/2010 - 04:17

Hi Jhon,

just check out the in SA 520 that your computer is been given access to DMZ server if yes then check out in DNS entry for server is givne if not then do entry into host  file about the private ip address of the DMZ server with the host name.

Hope that helps out your query !!

Regards

Ganesh.H

johnnyboy24 Sat, 01/16/2010 - 07:26

Thank you for the reply. I can access the DMZ IP without any issues, however since the SA520 is a DNS proxy I can't seem to change any DNS settings on the device itself (wish I could). I can do the host file, but I rather not do that if I don't have to.

Any ideas?

Ganesh Hariharan Sat, 01/16/2010 - 21:08

Hi Jhon,

SA520 is acting proxy to your network then do the by pass in your pc for proxy and then check are you able to connect to server.

HTH

Regards

Ganesh.H

stone.james Thu, 02/18/2010 - 12:52

Any new ideas on this one?  I am having the same issue and do not know what the problem is.  I have an AD domain and  can ping my DMZ computers but cannot access them via the browser.  DNS proxy is enabled on the router.  I have tried to add a host file (poor solution) and I get the same thing "page cannot be found".

If I try add access one DMZ url http:// it gets converted to https://, where as I try a second DMZ url https:// it throws a ERR_SSL_PROTOCOL_ERROR.

Any ideas to what the problem is?  I have added A records in the AD DNS but cannot access the DMZ internally. HELP!!

I am running the latest firmware... 1.1.21

James

LocaleyesSuomi Fri, 03/12/2010 - 02:31

Hi,

We're also seeing the same problem. We used to work around this issue on our old PIX-506 by port-forwarding all our public services into the LAN zone, but the SA520 doesn't seem to support the DNS Translation feature in the PIX series.

I'm now planning on setting up a fake nameserver in our LAN zone to serve the the LAN only. Altough this is far from desirable, it's still a better solution than setting up hosts files in tens of workstations.

Saku

Actions

This Discussion

Related Content