Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

PIX 515 and HTTPS on Exchange

Every few months PIX stops passing outside traffic for HTTPS (443) port for Exchange server OWA ( internally it works just fine). When I look at xlate it shows 0 bytes and flags aB. I change rule to port 4343 and it works. After a few weeks I change back to port 443 and it works. I dont understand why it randomly stops working and then randomly works again. Does anyone had same or similar problem ? Thank you.

4 REPLIES

Re: PIX 515 and HTTPS on Exchange

what happens when you bounce the box? does it work when it comes back up? how about when you clear xlate? what version of PIXOS are you runnig? can you post your pix config?

-brad

www.ccbootcamp.com

(please rate the post!)

New Member

Re: PIX 515 and HTTPS on Exchange

bouncing the box and clear xlate don't do any good.

attached please find PIX config.

Thank you. Yevgeniy

Gold

Re: PIX 515 and HTTPS on Exchange

Hi Yevyenig,

As a test, can you take out the following...

access-list outside_access_in permit tcp any host 216.31.255.32 eq https

static (inside,outside) 216.31.255.32 10.1.10.46 netmask 255.255.255.255 0 0

And add...

access-list outside_access_in permit tcp any host 216.31.255.32 eq https

static (inside,outside) tcp 216.31.255.32 https 10.1.10.46 https netmask 255.255.255.255 0 0

access-group outside_access_in in interface outside

Also for good mesure, can you take out the other port access i.e. 4343 access.

Please issue - wr m and clear xlate after the modifications.

Let me know how it goes,

Jay

New Member

Re: PIX 515 and HTTPS on Exchange

Thank you, Jay. I'm going to try it and let you know. yevgeniy

104
Views
0
Helpful
4
Replies