Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Cannot access webmail service on server (inside network) using url

Firewall: Cisco pix 515e (6.3 software)

I have installed MDaemon on a server with internal ip of 192.168.0.39. The webmail service runs on port 3000 of this server.

Now, people inside the network can connect to the webmail service using http://192.168.0.39:3000 - however, this is not what I want.

Our webspace provider created url http://aaa.bbb.com to redirect to our public ip of http://xx.xxx.xxx.xxx:3000

Accordingly I added these lines to the pix:

access-list acl_out permit tcp any host 192.168.0.39 eq 3000

access-list acl_out permit tcp any any eq 3000

static (inside,outside) tcp xx.xxx.xxx.xxx 3000 192.168.0.39 3000 dns netmask 255.255.255.255 0 0

static (inside,outside) tcp xx.xxx.xxx.xxx http 192.168.0.39 http netmask 255.255.255.255 0 0

Now if a person outside the network tries to access

http://aaa.bbb.com they will be redirected to the webmail service on our internal server. However, if a user in our internal network tries to access http://aaa.bbb.com it does not connect.

I want to be able to have both internal and external users only use http://aaa.bbb.com to connect to the webmail service. Please tell me where I have gone wrong.

Thanks.

CD

5 REPLIES
Silver
New Member

Re: Cannot access webmail service on server (inside network) usi

If I understand you correctly:

1. Your ISP configured a dns record for http:\\aaa.bbb.com that you want to redirect to internal 192.168.0.39:3000 .

2. External is working, but internal is not.

Do you want your internal users being redirected to that public ip address or the internal one? (ping aaa.bbb.com). If they are hitting the public your internal dns needs to point at the private ip address for http:\\aaa.bbb.com

New Member

Re: Cannot access webmail service on server (inside network) usi

1. Not our ISP but our webspace provider. In our webspace control panel, I configured a subdomain and redirected it to http:\\aaa.bbb.com:3000

From anywhere outside our office (which is behind a cisco firewall), I can connect to the webmail using the domain http:\\aaa.bbb.com

2. External works: Using http:\\aaa.bbb.com I can connect but from only outside the office. If I am inside the office i.e behind our firewall, I cannot connect using http:\\aaa.bbb.com

I can only connect using the internal/private ip of 192.168.0.39:3000

Target: I want both internal and external users to use http:\\aaa.bbb.com to connect to the webmail. Hence, I need (don't know how) to point the internal dns to the public ip (80.xxx.xxx.xxx).

CD

Anonymous
N/A

Re: Cannot access webmail service on server (inside network) usi

Can you put an entry in your internal DNS servers forward lookup zone to point to your (80.xxx.xxx.xxx)?

New Member

Re: Cannot access webmail service on server (inside network) usi

How would I do that? All we have here is a firewall through which people access the Internet.

Any DNS server is provided by our isp.

CD

1395
Views
0
Helpful
5
Replies
CreatePlease to create content