Tek-Tips is the largest IT community on the Internet today!

Members share and learn making Tek-Tips Forums the best source of peer-reviewed technical information on the Internet!

Register Log in
  • Congratulations Chris Miller on being selected by the Tek-Tips community for having the most helpful posts in the forums last week. Way to Go!

problems with pix.. newbiee problem

Status
Not open for further replies.
razmar

razmar

IS-IT--Management
Mar 16, 2008
13
PR
Hi:

Having problems trying to publish a webpage, the webserver 10.10.0.2 (on dmz), has the 1.1.1.170 (internet address).

can anyone help me?

the configuration:

enable password 8Ry2YjIyt7RRXU24 encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
names
name 131.15.3.10 RRC-PC
name 1.1.1.173 FTPSERVER-INTERNETADDRESS
name 1.1.1.170 WEBSERVER1-INTERNETADDRESS
name 1.1.1.171 WEBSERVER2-INTERNETADDRESS
name 10.10.0.2 WEBSERVER-IP-DMZ
!
interface Ethernet0
nameif OUTSIDE
security-level 0
ip address 1.1.1.172 255.255.255.248
!
interface Ethernet4
nameif DMZ
security-level 0
ip address 10.10.0.1 255.255.255.0
!
interface Ethernet5
nameif INSIDE
security-level 100
ip address 131.15.254.254 255.255.0.0
!
object-group service DM_INLINE_TCP_2 tcp
port-object eq ftp
port-object eq www
object-group service DM_INLINE_TCP_1 tcp
port-object eq ftp
port-object eq www
access-list DMZ_access_in extended permit tcp 10.10.0.0 255.255.255.0 131.15.0.0 255.255.0.0
access-list INSIDE_access_in extended permit ip host RRC-PC any
access-list INSIDE_access_in extended permit tcp 131.15.0.0 255.255.0.0 10.10.0.0 255.255.255.0
access-list OUTSIDE_access_in extended permit tcp any any
access-list OUTSIDE_access_in extended permit tcp any host WEBSERVER1-INTERNETADDRESS object-group DM_INLINE_TCP_1
access-list OUTSIDE_access_in extended permit tcp any host WEBSERVER2-INTERNETADDRESS object-group DM_INLINE_TCP_2
access-list OUTSIDE_access_in extended permit tcp any host FTPSERVER-INTERNETADDRESS eq ftp
pager lines 24
logging enable
logging asdm informational
mtu OUTSIDE 1500
mtu DMZ 1500
mtu INSIDE 1500
icmp unreachable rate-limit 1 burst-size 1
asdm location RRC-PC 255.255.255.255 INSIDE
asdm location WEBSERVER1-INTERNETADDRESS 255.255.255.255 INSIDE
asdm location WEBSERVER2-INTERNETADDRESS 255.255.255.255 INSIDE
asdm location FTPSERVER-INTERNETADDRESS 255.255.255.255 INSIDE
asdm location WEBSERVER-IP-DMZ 255.255.255.255 INSIDE
no asdm history enable
arp timeout 14400
global (OUTSIDE) 1 WEBSERVER1-INTERNETADDRESS netmask 255.255.255.0
global (OUTSIDE) 101 interface
static (DMZ,OUTSIDE) tcp WEBSERVER1-INTERNETADDRESS 255.255.255.255
static (DMZ,INSIDE) 10.10.0.0 10.10.0.0 netmask 255.255.255.0
static (INSIDE,DMZ) 131.15.0.0 131.15.0.0 netmask 255.255.0.0
access-group OUTSIDE_access_in in interface OUTSIDE
access-group DMZ_access_in in interface DMZ
access-group INSIDE_access_in in interface INSIDE
route OUTSIDE 0.0.0.0 0.0.0.0 1.1.1.169 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout sip-provisional-media 0:02:00 uauth 0:05:00 absolute
http server enable
http RRC-PC 255.255.255.255 INSIDE
no snmp-server location
no snmp-server contact
crypto ipsec security-association lifetime seconds 28800
crypto ipsec security-association lifetime kilobytes 4608000
telnet RRC-PC 255.255.255.255 INSIDE
telnet timeout 5
ssh timeout 5
no threat-detection statistics tcp-intercept
!
class-map inspection_default
match default-inspection-traffic
!
!
policy-map type inspect dns preset_dns_map
parameters
message-length maximum 512
policy-map global_policy
class inspection_default
inspect dns preset_dns_map
inspect ftp
inspect h323 h225
inspect h323 ras
inspect netbios
inspect rsh
inspect rtsp
inspect skinny
inspect esmtp
inspect sqlnet
inspect sunrpc
inspect tftp
inspect sip
inspect xdmcp
!
service-policy global_policy global
Cryptochecksum:286b6b78a87b9591a6fae5c725a414ed
: end
 
Sort by date Sort by votes
you say that you are trying to publish a web page. i'm assuming you mean you are trying to ftp the files?? are you attempting to do this from the inside or from the outside?? also, what is up with the addressing scheme on your inside interface?? i only ask because that scheme is not RFC1918 compliant.

I hate all Uppercase... I don't want my groups to seem angry at me all the time! =)
- ColdFlame (vbscript forum)
 
Upvote 0 Downvote
Status
Not open for further replies.

Similar threads

Sameer258
  • Locked
  • Question
Need Help to Find ip and mac address with email who one open my email
Replies
0
Views
679
Sameer258
Sameer258
ISDPCMAN
  • Locked
  • Question
Cannot connect to TZ-215 Sonicwall appliance with web browser!
Replies
0
Views
146
ISDPCMAN
ISDPCMAN
xwray
  • Locked
  • Question
PIX 501 DHCP Server function
Replies
0
Views
110
xwray
xwray
ITSUPPORTIT
  • Locked
  • Question
VPN from ASA 5510 and RV215W problem
Replies
0
Views
141
ITSUPPORTIT
ITSUPPORTIT
TheFireman2
  • Locked
  • Question
Help with Watchguard Firebox M200 setup as a TMG 2010 replacement with ASA 5515 as main firewall
Replies
1
Views
194
hairlessupportmonkey
hairlessupportmonkey

Part and Inventory Search

Sponsor

Back
Top