Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1044
Views
10
Helpful
22
Replies

Internal website through PIX 515E

andy
Level 1
Level 1

‎05-29-2007 01:56 PM - edited ‎03-05-2019 04:22 PM

I recently became the network administrator for a small local government entity. I have been thrust into the world of CISCO which is fine but I have a lot to learn. I have a CISCO PIX 515E firewall and I need to configure it so that when a link on the website(hosted outside the company) is clicked, it will point to a GIS server running apache inside our network. I have absolutely no idea how to do this in the CLI. I'm sorry if I'm asking too much here but any help would be appreciated. The apache server works internally so at least that much is set up correctly. I just need the general public to be able to access it from the outside.

Labels:
0 Helpful
22 Replies 22

andy
Level 1
Level 1
In response to acomiskey

‎05-30-2007 11:36 AM

yes

EDIT: This is a duplicate entry...please disregard.

0 Helpful

acomiskey
Level 10
Level 10
In response to andy

‎05-30-2007 11:40 AM

Have you tried write mem and rebooting?

Post a thread over in the Firewall forum with your config, that may help.

0 Helpful

acomiskey
Level 10
Level 10
In response to acomiskey

‎05-30-2007 12:09 PM

^

0 Helpful

andy
Level 1
Level 1
In response to acomiskey

‎05-30-2007 12:16 PM

Every time I changed something in the config I did the write memory and reload commands. I'll try there. thanks for letting me pick your brain all day :)

0 Helpful

andy
Level 1
Level 1
In response to acomiskey

‎05-30-2007 12:40 PM

actually...that did it, man. I just tested it from an external ip and it worked. I just can't hit the external IP from an internal IP. thank you so very much.

0 Helpful

acomiskey
Level 10
Level 10
In response to andy

‎05-30-2007 12:41 PM

Ha, I think a rating is deserved after all that. Anyway, let me know if you want to work out the other problem. Enjoy.

andy
Level 1
Level 1
In response to acomiskey

‎05-30-2007 12:47 PM

other problem? I could care less if they can't hit the external IP from inside the network. It's for the public to be able to access the most updated maps of our area through our 911 service. Unless there's another issue that I'm forgetting, everyone can just hit the local IP from inside the network if they want to see it.

Thanks again.

0 Helpful

scottmac
Level 10
Level 10

‎05-29-2007 02:57 PM

This would not be a PIX thing; it would be a DNS thing.

You need an internal DNS with the domain names resolving to your internal addresses. This has to be configured as the first DNS on the client.

The links/URLs on your website must be domain names, not IP addresses ... or if you're using a dynamic web, the script language should query the client's environment and determine if it's inside or outside and send the appropriate address.

So, from the inside, when the client browser asks for http://www.here.gov ... the local DNS serves up the internal address ... when someone outside requests that URL, it is given teh correct Outside address to access your site.

I believe the Pix can only "hairpin" from VPN tunnel to VPN tunnel (and only with recent code i.e., > 6.3{something}).

Good Luck

Scott

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card