Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Pix515E version 6.3(4) and DMZ web server

I have a web server living on my DMZ. But for the life of me cannot access it from the outside (Internet). Here is my current config, another pair of eyes checking the config would be helpful. My public address for the web server is xxx.xx.30.110 and in the dmz it is 192.168.254.110.

Thanks

4 REPLIES
Silver

Re: Pix515E version 6.3(4) and DMZ web server

Unless you chopped out part of your config, you don't have the ACL applied anywhere right now. You need to add:

access-group 101 in interface outside

One other thing jumping out at me is the following:

static (outside,dmz) 192.168.254.110 IIS netmask 255.255.255.255 0 0

I can't be shure it won't work as you have it, but it should be entered in the reverse. like this:

static (dmz,outside) IIS 192.168.254.110 netmask 255.255.255.255 0 0

The following link has info about static.

http://www.cisco.com/univercd/cc/td/doc/product/iaabu/pix/pix_sw/v_63/cmdref/s.htm#wp1026694

Let me know if that fixes it.

-Eric

New Member

Re: Pix515E version 6.3(4) and DMZ web server

Yes, I did chop out part of the config. Sorry about that. Still cannot get to the Web server from the outside world even after making the recommended changes. I am attaching a new config list.

New Member

Re: Pix515E version 6.3(4) and DMZ web server

I may have missed it, but I don't see an access-list applied to the outside interface permitting the web traffic in.

Tim

New Member

Re: Pix515E version 6.3(4) and DMZ web server

your static command for the dmz interface server should be the other way around :

yours :

static (outside,dmz) 192.168.254.110 IIS netmask 255.255.255.255 0 0

it shoud be :

static (dmz, outside) IIS 192.168.254.110 netmask 255.255.255.255 0 0

Jens Petter

208
Views
0
Helpful
4
Replies
CreatePlease login to create content