Pix 501

johnv · ‎10-24-2002

I am configuring a Pix 501 on a 10 user network. Inside we are using a class c network DHCP 192.168.1.1 - 50. My main server is on a Static of 192.168.1.31 the website that runs off this machine has an outside address of 64.213.198.242. When is static the 2 together it works fine and takes on the IP address. From the internal network I can use the 192 address and view the page fine. But from the outside (www) when clients type in the url for us (www.arecont.com) it doesn't come up. I hade it working on a Lynksys Router with no protection. Any suggestions on what I need to do to get this site filtering right through the firewall.

John

rj.remien · ‎10-24-2002

Hi John,

The static creates the translation through the firewall. You then need to create an access-list and apply it to the outside inteface to allow external users to access your web site.

Example -

static (inside,outside) 64.213.198.242 192.168.1.31 netmask 255.255.255.255

access-list 101 permit tcp any host 64.213.198.242 eq www

access-group 101 in interface outside.

This will allow anyone on the Internet to access your internal web server.

As a side note, I would not post any company information in the future (passwords, Public IP addresses) for security reasons.

HTH,

RJ

johnv · ‎10-24-2002

This still didn't work. Any other suggestions

gfullage · ‎10-24-2002

Does the web server have its default gateway set to the PIX's inside IP address?

The config that was suggested by the previous person should work for you. If you enable logging on the PIX and then try a connection, do you see any error messages appear.

Do "logging on" and "logging console debug" and then establish a console connection before trying to browse to the web site from the outside. This should give you a good explanation of what's going wrong.