Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations derfloh on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

PIX 515 and DNS behind it

Status
Not open for further replies.
MJNSBF

MJNSBF

Technical User
Apr 2, 2002
71
US
I just installed my first pix 515 with great success....except for one thing. There is a webserver behind the firewall that we need access to. It has a registered ip and those outside the firewall are able to access it (using the name Those behind the firewall must enter the ip address. The doesn't work for them. Yet, they can access everything else on the internet just fine.

Thanks in advance for any suggestions.

M
 
Sort by date Sort by votes
Can you post your config file?
Where is your dns server located?
Is your web server on the dmz?
The "alias" command might solve your issue, but the questions above need to be answered first.
 
Upvote 0 Downvote
PIX Version 6.1(4)
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password y8AgaPIP.GC3ek2C encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname name
domain-name domain.com
fixup protocol ftp 21
fixup protocol http 80
fixup protocol h323 1720
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol sip 5060
fixup protocol skinny 2000
access-list outside_access_in permit tcp any eq 10.10.10.12
pager lines 24
logging on
logging buffered warnings
interface ethernet0 10baset
interface ethernet1 10baset
mtu outside 1500
mtu inside 1500
ip address outside 10.10.10.244 255.255.255.0
ip address inside 172.65.4.254 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm location 172.65.4.9 255.255.255.255 inside
pdm logging warnings 100
pdm history enable
arp timeout 60
global (outside) 1 interface
nat (inside) 1 172.65.4.0 255.255.255.0 0 0
static (inside,outside) 10.10.10.12 WEBET netmask 255.255.255.255 0 0
access-group outside_access_in in interface outside
route outside 0.0.0.0 0.0.0.0 10.10.10.1 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h323 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server RADIUS protocol radius
http server enable
http 10.10.10.0 255.255.255.0 outside
http 172.65.4.0 255.255.255.0 inside
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
sysopt route dnat
telnet timeout 5
ssh timeout 5
dhcpd address 172.65.4.120-172.65.4.220 inside
dhcpd dns 111.222.333.4
dhcpd lease 43200
dhcpd ping_timeout 750
dhcpd enable inside

Sorry I forgot to post earlier.

**********************************************************

-We do not have a dns server on site....it is housed somewhere else.
-The webserver is not on a dmz


M
 
Upvote 0 Downvote
I used the alias command as you suggested, and that fixed my problem. Thank you so much for the help.

M
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
729
Sameer258
Sameer258
Tommy_T
  • Locked
  • Question
Sonic wall - Have an issue remotely connectioning VNC and SMB (and AFP) to one of the 2 ISP circuits
Replies
1
Views
548
nnaarrnn
nnaarrnn
Nitta84
  • Locked
  • Question
navigation slow and tcp syc/ack drop
Replies
0
Views
475
Nitta84
Nitta84
mackland1903
  • Locked
  • Question
Populate oblect group from DNS
Replies
1
Views
145
burtsbees
burtsbees
Russtoleum
  • Locked
  • Question
SW GVC won't route traffic through sonicwall to offsite tunnel unless it leases an ip on the same su
Replies
1
Views
171
Russtoleum
Russtoleum

Part and Inventory Search

Sponsor

Back
Top