Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Users might experience few discrepancies in Search results. We are working on this on our side. We apologize for the inconvenience it may have caused.
New Member

asa5520 is denying http packets, when i have it permitted!

Hi,

I have a cisco asa5520 (new) and while configuring a workstation to permit http syn port 80, the firewall still denies the packets! I can't figure out why it is denying the packets, help!

2 REPLIES

Re: asa5520 is denying http packets, when i have it permitted!

Hi,

If you are trying to reach a worktation which is located behind the inside interface of the firewall from the outside then you also need to have a static NAT command i.e

static (inside,outside) Public-IP Private-IP netmak 255.255.255.255

Where Public-IP is the routable IP address that people from the internet will need to know in order to reach your web server.

Private-IP is the real IP address allocated to your server.

The access-list applied to the OUTSIDE interface should look something like this

access-list Outside-In permit tcp any host Public-IP eq 80

access-group Outside-In in interface outside

I hope it helps ... please rate it if it does !!!

Anonymous
N/A

Re: asa5520 is denying http packets, when i have it permitted!

115
Views
0
Helpful
2
Replies
CreatePlease to create content