Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

PIX And Web Access

We have PIX 4.4 running.

I have a PIX sitting in between the ISP router and our single internal network. Inside the network we have a web server and a mail server. NAT has been implemented.

Emails from the outside get to the mail server with no problems.

The problem is with the web server. Internal hosts can get to the server with no problem. External hosts are unable to get to it. When you check the log files you can clearly see external hosts trying to get into the site.

Does anybody have any suggestions ? Any help much appreciated.

New Member

Re: PIX And Web Access

It would help to see your current configuration. But I would suggest, you need at least the following:

ip address inside

ip address outside

nat (inside) 1

global (outside) 1 netmask

static (inside, outside) netmask 0 0

static (inside, outside) netmask 0 0

access-list acl_out permit tcp any host eq smtp

access-list acl_out permit tcp any host eq 80

access-group acl_out in interface outside

Of course, all of the IP addresses listed are from examples, use yours appropriately. If you can, post your config, and change the addresses accordingly.


New Member

Re: PIX And Web Access

Thanks for the help. Will try this out.

New Member

Re: PIX And Web Access

Verify that an ACL is not denying external access,

Look for HTTP Port denials also.

good luck - theo

CreatePlease login to create content