Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

virtual http from outside to inside not working. urgent help required pls

hi all can someone pls help me. i am able to authenticate rdp and all other kinds of trafic with the help of virtual http and virtual telnet from inside to outside. but i am unable to achieve the same from outside to inside.

int e0

no sh

nameif outside

ip add 1.x.x.1/24

int e1

no sh

nameif inside

ip add 10.1.1.1/24

acs server is on 10.1.1.3 and rdp server is on 10.1.1.2

host is connected on the outside with 1.x.x.2

aaa-server cisco protocol tacacs+

aaa-server cisco (inside) host 10.1.1.3

key cisco

static(inside,outside) 1.1.x.x.1.1.2 netmask 255.255.255.255

access-list 101 per tcp any host 1.1.1.3 eq 3389

access-list 101 per tcp any host 1.1.1.4 eq 80

access-list 101 per tcp any host 1.1.1.5 eq 23

access-group 101 in interface outside

virtual-telnet 1.1.1.5

virtual-http 1.1.1.4

when i am trying to telnet or do http to this virtual ip;s i am not getting triggered for authentication. what could be the problem. so i have to do a static nat for virtual http and virtual telnet servers.

what am i missing. can someone pls help me.

on the acs server also i have permitted http 1.1.1.4 and telnet to 1.1.1.5.

pls urgent help required.

regards

sebastan

2 REPLIES

Re: virtual http from outside to inside not working. urgent help

Hi Sebastan

Security device dont allow Telnet sessions usually from outside world/interface.

You need to make use of SSH to logon to your secuirty device.

But the same is viceversa when you are doing it from internal lan which is behind your inside interface.

regds

New Member

Re: virtual http from outside to inside not working. urgent help

hi kumar i know telnet sessions are not allowed from the outside of the pix or the asa. but the as u can see i am doing virtual telnet to the pix and not telneting to the pix itself.

i get the authentication promt for username and password.

cause i have see configuration examples for virtual telnet from the touside of pix. can u pls help.

see ya and thanks for ur reply.

regards

sebastan

129
Views
6
Helpful
2
Replies