Quick PIX question

[jpopa]

I am using a 506e firewall for my network. I have a webserver inside my lan, that I need to allow access to from outside the lan. I would like all users to be able to use 1 address to get to the device. In my config, I added...

conduit permit tcp host 216.120.167.254 eq

http://www any

conduit permit tcp host 216.120.167.254 eq 4567 any

and

static (inside,outside) 216.120.167.254 192.168.1.30 netmask 255.255.255.255 0 0

From inside the lan, I can access the LAN IP(.1.30) fine. From the wan, I can access the WAN IP(.167.254) fine. But from inside the LAN, I cannot access the WAN IP. Any thoughts? I know there's a command that sets this up, I've used it before. I just can't remember what it is. Thanks guys

 

[jfwebber]

Try the following:

alias (inside) 216.120.167.254 192.168.1.30 255.255.255.255

 

[jpopa]

Didn't work. Any other thoughts?

 

[jpopa]

Just for your benefit...

T1 Cable Modem
| |
CSU/DSU My remote PC
|
Cisco Pix
\
LAN
/\
/ \
Me Server

So here's a dumbed down visual of my network. When I am on the LAN, I can get to Server via it's IP 192.168.1.30. When I am at home I can get to it via 216.120.167.254. When I am on the LAN, I cannot access it via 216.120.167.254. I have tried the alias command, and nothing is working. Any thoughts on this? Thanks

 

[WANguy2k]

I have the same setup, I can't do it either. The PIX won't establish an outgoing http connection then reroute it inside as far as I know. Why do you need to use the IP address? Why not just use a name? (Register 216.120.167.254 as mydomain.com on your ISP's DNS and put an entry for mydomain.com as 192.168.1.30 on your internal DNS).

 

[jpopa]

Would you believe I need to use an ancient app that can only use IP?

 

[WANguy2k]

So you need to configure the IP address of the web server in the app, which runs on the client, and you want to use the same IP address whether the client is outside or inside?