Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
New Member

Problem with Port Redirection for Port 80

Hi all,

Lets look my configuration:

static(inside,outside) tcp 23.56.67.78 www 192.168.1.2 www netmask 255.255.255.255

static (inside,outside) tcp 23.56.67.78 smtp 192.168.1.3 smtp netmask 255.255.255.255

access-list out_in permit tcp any host 23.56.67.78 eq www

access-list out_in permit tcp any host 23.56.67.78 eq smtp

access-list out_in applied on outside interface.

Port redirection is working well for SMTP traffic but not working for WWW.

When i check show connection, it shows me that traffic of port 80 reached to my PIX with flags SaAB.

Any help will be highly appreciated.

Thanks

4 REPLIES
Gold

Re: Problem with Port Redirection for Port 80

what is the output of show xlate?

also, 23.56.67.78 isn't the IP of the outside interface, is it?

New Member

Re: Problem with Port Redirection for Port 80

Yes 23.56.67.78 is not the outside interface, its our MX record.

Show conn lport 80

TCP out x.y.z:1234 in 23.56.67.78:80 flags SaAB

New Member

Re: Problem with Port Redirection for Port 80

SaAb Means a Syn has been sent but the firewall is waiting for an ack.

In other words there is no return traffic passing thru the firewall. Maybe there's not an active webserver or the packet is beeing droppped between the firewall and webserver.

If the server is in an directly connected network thats unlikely tho.

Make sure there is a active web server on 192.168.1.2 that is active on port 80, and has the correct ip configuration.

New Member

Re: Problem with Port Redirection for Port 80

Thanks for your suggestion.

My web server is active, I can access from inside network.

I feel there is some routing issues for not reaching back to the firewall.

Thanks

357
Views
0
Helpful
4
Replies
CreatePlease to create content