i have set up a dmz on the asa5510 with a web server in it. when i try to connect to the server from outside i see the SYN packet hit the server but the client never receives the SYN/ACK even though server definitely sends it. that made me try and access the internet from the web server and that didn't work either. here is what i have:
access-list outside_in extended permit tcp any host <my public IP> eq www
access-list outside_in extended permit tcp any host eq 5000
and now i can access the web server from outside. i still cannot access the internet from that web server but what confuses me is that SYN/ACK packets hit the client when using port 5000 on the server and not when using port 80. any suggestions?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...