Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
396
Views
0
Helpful
5
Replies

Cisco ASA 5515-X Problem

Olumuyiwa Arowosegbe
Level 1
Level 1

‎10-27-2014 06:42 AM - edited ‎03-11-2019 09:59 PM

Hi guys,

I'm currently deploying a cisco ASA 5515-X.

The customer has 5520 currently installed and looking to replace it.

However, problem is the web server at the DMZ displays error 500 when accessed from the web and inside.

This is after I've permitted ip any any and Tcp any any from outside.

I'm able to ping the server and it can browse the internet.

I can even do remote desktop from the inside network.

The server is being accessed on https and displays the IIS 7 page when I type in my browser

https://www.xxx.xxx.xxx.xx but produces the server 500 error immediately I add https://www.xxx.xxx.xxx.xx/file

Cisco TAC guys who worked on it have said the problem is with the server since network communication is confirmed.

But it's difficult to convince the client since when they connect the cisco 5520, the server is easily accessible.

I've gone ahead to simulate this in my lab with a web server running IIS 7 and it works.

I'm at a loss as to why this problem persists.

 

 

Labels:
0 Helpful
5 Replies 5

Vibhor Amrodia
Cisco Employee
Cisco Employee

‎10-27-2014 08:06 PM

Hi,

This server on the DMZ , is the URL :- https://www.xxx.xxx.xxx.xx/file accessible from the devices on the same LAN ?

Also , is there is redirection happening when we access the "https://www.xxx.xxx.xxx.xx/file" URL.

If possible , try to provide the Syslog[Debug levels] at the time when you try to access the server from the Outside interface.

Thanks and Regards,

Vibhor Amrodia

0 Helpful

Olumuyiwa Arowosegbe
Level 1
Level 1
In response to Vibhor Amrodia

‎10-29-2014 12:09 AM

Thanks Vibhor,

 

The same experience is being experienced from the lan and internet.

From the LAN, users can access with the private ip address  in the browser.

They can even connect through remote desktop.

 

I'll appreciate any suggestions to solve this problem.

 

0 Helpful

Vibhor Amrodia
Cisco Employee
Cisco Employee
In response to Olumuyiwa Arowosegbe

‎10-29-2014 02:27 AM

Hi,

So , to understand the issue , you have a DMZ server which is accessible from the Internal Interface on its private IP address ? What about the PC in the same DMZ subnet ?

I think it would be easier if you can provide a topology and what access is not working.

Also , try to give some configuration related to the issue if possible ?

Thanks and Regards,

Vibhor Amrodia

0 Helpful

Olumuyiwa Arowosegbe
Level 1
Level 1
In response to Vibhor Amrodia

‎07-27-2015 04:43 AM

Hi,

I have since resolved the problem.

The application has a database which resides on the inside network and unreachable from the web server.

Immediately I resolve the connectivity problem, everything started working.

Thanks for your help.

0 Helpful

Aref Alsouqi
VIP
VIP

‎10-29-2014 07:41 AM

Hi pmy,

 

My guess would be that IIS 500 error would be due to an issue on the server itself, but, the first step I would do as it was mentioned by Vibhor as well would be to check the functionality of the web server from a host in the same lan (dmz).

 

Regards,

Aref

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card