Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

  • Congratulations Mike Lewis on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

Cisco ASA 5505 not allowing access to highest security zone

Status
Not open for further replies.

gbayi_omo

Technical User
Feb 15, 2017
1
US
Dear All,

I am in the process of upgrading from a pix505e firewall to an asa5505 (ASA Version 9.1(7)7). I am able to access web server from internet on the pix but after running the following command:


interface Ethernet0/0

switchport access vlan 10

!

interface Ethernet0/1

switchport access vlan 100


interface Vlan10

nameif outside

security-level 0

ip address dhcp setroute

!

interface Vlan100

nameif inside

security-level 100

ip address 192.168.1.254 255.255.255.0

!


object network web_server

host 192.168.1.10

nat (inside,outside) static interface service tcp
access-list outside_in extended permit tcp any host192.168.1.10 eq www

access-group outside_in in interface outside

You might as why I am not using dmz, well I am in the process of migrating the servers to the dmz. However, in the meantime the server is in the inside nameif and I need access to the internal web server.

My issue is that the web server cannot be accessed from the outside. I have to revert to using the pix for user to be able to access the webserver for now until this issue is resolved...

Thank you for your quick response
 
Status
Not open for further replies.

Part and Inventory Search

Sponsor

Back
Top