I'm trying to use port redirection to allow outside access to a internal web server. As far as I can see, everything is configured properly. The Open Port Checker tool from yougotsingle.com says that the port (80) is open. However when I goto access it the connection times out.
The external address is static from my ISP, and I will call it xxx.xxx.xxx.xxx. The server is at 10.1.1.20, and is functioning properly over the LAN.
Configuration looks good to me, i would suggest you rely on packeta captures now to identify where the packets are being dropped. This should give you a clear picture of the packet flow, you can refer to this doc for captures:
It seems that the request is being forwarded to the server but the server is not responding back, you can see in the captures that the S (syn) packets are going to the server but nothing coming back. You might want to check why the server is not responding. Can you also share the captures and acl's that you used, just to double check.
Thanks for the quick response Varun, I’m sure that the server is working properly. The internal address is 10.1.1.20 (for the server) I have been able to use the server from anywhere within the LAN. But not from outside the LAN. The commands that apply to the port redirection are:
Wait a minute, are you accessing the server from the inside networ on the PIX, why do i see request coming from inside interface on the public ip?? It should be coming from outside and in the captures we shoudl see the request coming form outisde, but in the captures it is opposite.
The request is coming from 10.1.1.100 whihc is your internal lan ip.
If it is so, then I guess you would need to do u-turning on the PIX.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...