Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Problem accessing my own Website

I have an issue getting to my own company website that is hosted by a web host on the outside. I can get to the website from anywhere except from behind my PIX. I have a 515e with a webserver in the DMZ. All websites hosted on the DMZ are accessible (both inside and outside) but if I go from any PC on the inside network and try to get to my company website (on the outside)it can't and I get the "Page not found" error. It doesn't seem to be DNS related because I get the same if I type in the ip address as well. I can access any other website from the inside network, just not my company site.

What could this be ? It has been working for months. Occasionally I have had to go in and clear xlate because something was getting confused on the PIX but that has straighted it out. This time it doesn't help. I'm guessing it's some kind of routing problem but I've looked at my config and it seems right.

Any suggestions or thoughts would be appreciated.

Thanks

3 REPLIES
New Member

Re: Problem accessing my own Website

Attached is my config

Gold

Re: Problem accessing my own Website

try to do "de ic t" and then kick off a ping from inside host to the webserver.

New Member

Re: Problem accessing my own Website

This is a pix feature and a dns configuration problem. Without looking at your config I assume you have a static between the outside i/f and the dmz. Your dns server is probably resolving the outside address of the webserver. because the static applies to traffic arriving on the outside interface, it is not applied and the host can not be reached from the inside network by the static translation.

There are two fixes.

1. Configure two dns servers. One resolves internet requests to the outside address. The other resolves internal requests to the dmz address assuming no nat between inside and dmz.

2. I have never tried this, but it should work. Configure a static between the lan and the dmz with the outside address of the webserver.

static (dmz,inside) web.server.pulic.ip web.server.private.ip

Something tells me it doesn't work, but it might? - Let me know if you try it.

116
Views
0
Helpful
3
Replies