Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Community Member

WEB SERVER IN DMZ

I have a PIX 515E configured with a DMZ. I have my web server in the DMZ and all is working well. Well, actually too well. Outside users can access the web page on the web server via the web site Hostname.tac.org (Example). Also, outside users can access the web site via the Outside IP Address. However, when you ping or tracert the Outside IP Address of the web site/web server it TIMES OUT.

I did not think the outside would be able to access the Web Site with the Outside IP Address, as it has been changed to a 10.10.10.X address and within the DMZ. What am I missing? I have verified all of my configurations on the PIX and all are correct. Ron

3 REPLIES
Silver

Re: WEB SERVER IN DMZ

you are probably blocking icmp, which is required for ping and traceroute to work.

the web site needs to be accessible by ip, that is how things work

Community Member

Re: WEB SERVER IN DMZ

What Mostiguy said....

You can use hostheaders on the webserver to force them to hit it by fqdn if you don't want them to be able to do it by ip address.

Community Member

Re: WEB SERVER IN DMZ

Thanks, I put the Host Header, which took care of the problem. Ron

88
Views
0
Helpful
3
Replies
CreatePlease to create content