Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
255
Views
0
Helpful
2
Replies

asa5520 is denying http packets, when i have it permitted!

admin_2
Level 3
Level 3

‎11-08-2007 10:17 AM - edited ‎03-09-2019 07:18 PM

Hi,

I have a cisco asa5520 (new) and while configuring a workstation to permit http syn port 80, the firewall still denies the packets! I can't figure out why it is denying the packets, help!

Labels:
0 Helpful
2 Replies 2

Fernando_Meza
Level 7
Level 7

‎11-08-2007 12:03 PM

Hi,

If you are trying to reach a worktation which is located behind the inside interface of the firewall from the outside then you also need to have a static NAT command i.e

static (inside,outside) Public-IP Private-IP netmak 255.255.255.255

Where Public-IP is the routable IP address that people from the internet will need to know in order to reach your web server.

Private-IP is the real IP address allocated to your server.

The access-list applied to the OUTSIDE interface should look something like this

access-list Outside-In permit tcp any host Public-IP eq 80

access-group Outside-In in interface outside

I hope it helps ... please rate it if it does !!!

0 Helpful

Not applicable
In response to Fernando_Meza

‎11-09-2007 06:22 AM

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents