cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
374
Views
0
Helpful
2
Replies

Cisco ASA5510 Web Server problems

timothyshipp
Level 1
Level 1

Hi Guys

I've been banging my head against the wall for a few weeks trying to resolve this but the ASA doesn't seem to accept many of the old commands I'm used to.

Basically we have a web server that runs on port 8080 and I need to give customers access to it externally which is working partially.  Normal browsing of the web server works fine but fails when users try to access certain pages with Javascript running.  Below is the current ACL:


access-list acl-out extended permit tcp any interface outside eq 8080
access-list WEBSERVER extended permit tcp any host X.X.X.X eq 8080
access-list WEBSERVER extended permit tcp any interface outside eq 8080
access-list WEBSERVER extended permit tcp any interface outside eq www
access-list WEBSERVER extended permit tcp any interface inside eq www
access-list WEBSERVER extended permit tcp any interface inside eq 8080
access-list WEBSERVER extended permit tcp any host X.X.X.X eq www
access-list WEBSERVER extended permit tcp any host X.X.X.X eq 4333
access-list WEBSERVER extended permit tcp any host Y.Y.Y.Y eq 8080

X=external

Y=internal

Is there any way I can open all ports to the webserver to check if this resolves the issue as I'm at a loss now?

Thanks in Advance

Tim

2 Replies 2

Kureli Sankar
Cisco Employee
Cisco Employee

Need to know where these acls are applied.

In anycase, we need to see that these other pages call?

When it fails on the browser use "view source" and see that the page is calling to load that is failing.

Many times, developers tend to use internal machine name in the pages, this will work internallly just fine but, externally which DNS is going to resolve your internal machine names? It will fail.

Captures of the broken flow and view source are your friends.

-KS

Managed to get this working in the end, turns out I was just being a muppet (for a change)

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: