Solved: Cisco pix 501 - accessing webserver through firewall public ip

rcpeacock · ‎05-07-2009

I want to access a website which is hosted on our internal network

basically just want to direct all port 80 traffic through our firewall to the webserver.

see example of config which I have applied below obviously it doesn't work, if some one could give me any ideas why not I would be extremely grateful

static (inside,outside) tcp 79.32.181.4 80 172.16.2.242 80 netmask 255.255.255.255

access-list webserver permit tcp any host 78.32.181.4 eq www

access-group webserver in int outside

I have attached firewall config, ip addresses in some instances have been changed for security.

THANKS!!

John Blakley · ‎05-07-2009

Can you ping the 172.16.2.242 address from the pix? If so, you can do one of two things:

Try to run "clear xlate" to see if you can get it to respond.

Or

Try one-to-one nat instead of port translations:

static (inside,outside) 79.32.181.4 172.16.2.242

Then run clear xlate.

You won't be able to test public access from behind the firewall though on a pix. You'll have to have remote access somehow to test.

HTH,

John

HTH, John *** Please rate all useful posts ***

John Blakley · ‎05-07-2009