Hi , Do your server is

uureggie1 · ‎07-08-2014

We want user who are connecting to a App in our DMZ with HTTP (80) to be redirected to HTTPS (443). Can I do the re-direct with my ASA 5520 ?

SANTHOSHKUMAR SARAVANAN · ‎07-08-2014

Hi ,

Do your server is listening/running on service 443 ?? , What is your ASA code ??

You can do port redirection , by using static PAT .

HTH

Sandy

uureggie1 · ‎07-08-2014

We are using
Cisco Adaptive Security Appliance Software Version 8.2(3)

Do you have more info on using PAT?

SANTHOSHKUMAR SARAVANAN · ‎07-08-2014

Hi ,

Your real server should run/listen for services on TCP/443 . And you need configure Access-list on ASA for both service port 80 & 443 .

If your ASA is running with separate DMZ interface and if you want to Port NATing with outside interface below is the configuration .

X.X.X.X is mapped IP address

Y.Y.Y.Y is real IP address

hostname(config)# static (dmz,outside) tcp x.x.x.x 80 y.y.y.y 443 netmask 255.255.255.255

HTH

Sandy

uureggie1 · ‎07-08-2014

Sandy,

I was able to make the changes to my ASA,

access-list acl_outside extended permit tcp any host X.X.X.X object-group WWW-SSL-TCP
static (DMZ1,outside) tcp X.X.X.X www Y.Y.Y.Y https netmask 255.255.255.255

using Chrome trying to access y.y.y.y from the internet http://X.X.X.X I get " It appears that the website you are trying to visit is having technical difficulties or is no longer available"

going to https://X.X.X.X i get re-directing message, but it also fails "Webpage is not available"

If I remove the PAT re-direct and re-try HTTPS works and HTTP fails..

Is there something more I should try ?

SANTHOSHKUMAR SARAVANAN · ‎07-09-2014

Hi ,

From below error you need to redirect on your server ,What is your server platforrm windows or Linux ??

going to https://X.X.X.X i get re-directing message, but it also fails "Webpage is not available"

http://support.microsoft.com/kb/839357

HTH

Sandy

Can you redirect port 80 to port 443 on ASA