Need help configuring http port on Cisco ASA 5510

Discussion in 'Cisco' started by Snguyen, Oct 6, 2006.

  1. Snguyen

    Snguyen

    Joined:
    Oct 6, 2006
    Messages:
    1
    Hi All,

    I have a Cisco ASA 5510.
    I have an NT Server hosting a web server setup to use the http port 10300.
    How can I configure my pix to allow traffic to this application from other machines in the network?

    My NT Server private IP is 10.0.1.25 and I'm able to access it from the other machines in the network, but when I connect to the application which is using an url like: http:\\<server name>.<domain name>:10300\xxxx
    then I receive a "Server Not found error".

    I tried multiple config of the access list / nat but could not get it to work.

    Here is an extract of my current configuration:

    ASA Version 7.0(4)
    [...]

    interface Ethernet0/0
    nameif outside
    security-level 0
    ip address 67.104.112.162 255.255.255.240
    !
    interface Ethernet0/1
    nameif inside
    security-level 100
    ip address 10.0.1.1 255.255.255.0
    !
    interface Ethernet0/2
    shutdown
    nameif DMZ
    security-level 50
    ip address 172.16.1.1 255.255.255.0
    !
    interface Management0/0
    nameif management
    security-level 100
    ip address 192.168.1.1 255.255.255.0
    management-only
    !
    ftp mode passive
    access-list outside-in extended permit icmp any any
    access-list SPLIT-TUNNEL extended permit ip 10.0.1.0 255.255.255.0 192.168.24.0 255.255.255.0
    access-list NONAT extended permit ip 10.0.1.0 255.255.255.0 192.168.24.0 255.255.255.0
    access-list inside_access_in extended permit tcp any any
    access-list inside_access_in extended permit ip any any

    [...]

    global (outside) 1 interface
    nat (outside) 1 192.168.24.0 255.255.255.0
    nat (inside) 0 access-list NONAT
    nat (inside) 1 10.0.1.0 255.255.255.0
    static (inside,outside) 67.104.112.163 10.0.1.25 netmask 255.255.255.255
    static (inside,outside) 67.104.112.164 10.0.1.26 netmask 255.255.255.255
    access-group outside-in in interface outside
    access-group inside_access_in in interface inside
    route outside 0.0.0.0 0.0.0.0 67.104.112.161 1

    [...]

    http server enable
    http 167.1.162.143 255.255.255.255 outside
    http 10.0.1.0 255.255.255.0 inside
    http 10.0.1.25 255.255.255.255 inside
    http 192.168.1.0 255.255.255.0 management

    [...]

    I would really appreciate if you can help me!
    Thanks in advance.
     
    Snguyen, Oct 6, 2006
    #1
    1. Advertising

Want to reply to this thread or ask your own question?

It takes just 2 minutes to sign up (and it's free!). Just click the sign up button to choose a username and then you can ask your own questions on the forum.
Similar Threads
  1. recvfrom
    Replies:
    3
    Views:
    5,379
    Darren Green
    Jul 21, 2006
  2. ttripp@magnoliamanor.com
    Replies:
    0
    Views:
    11,626
    ttripp@magnoliamanor.com
    Sep 4, 2007
  3. André Rodier
    Replies:
    4
    Views:
    1,410
    Andrey Tarasov
    Jun 3, 2008
  4. milan_9211

    HTTP SOAP/HTTP GET/HTTP POST

    milan_9211, Jan 10, 2011, in forum: Software
    Replies:
    0
    Views:
    3,136
    milan_9211
    Jan 10, 2011
  5. BatCountry

    Configuring ASA 5510 sub-interfaces

    BatCountry, Jan 13, 2011, in forum: Cisco
    Replies:
    0
    Views:
    1,219
    BatCountry
    Jan 13, 2011
Loading...

Share This Page