I have a app running on an 2003 IIS box. There are other sites running on port 80 with no problem
The application that I am having problems with is running on port 8080 on the same IIS server
It is running internally on port 80 with an IP address of 192.168.30.30 and has a index page that redirects to port 8080 which is where the application runs on tomcat, allowing internal DNS by name.
The IIS server has 2 IP addresses assigned 192.168.30.20 for all port 80 sites and 192.168.30.30 for the site on 8080
All sites work fine internally and all sites on port 80 work externally
Externally I cannot get to the site on 66.173.204.219 either by IP or DNS
The external IP is 66.173.204.219 and Internal is 192.168.30.30
Here are the rules that I have on the PIX 515e firewall for this
object-group network EPA_www
description All servers providing to the outside
network-object host 66.173.204.219
access-list acl_out permit tcp any host 66.173.204.219 eq www
access-list acl_outside permit tcp any object-group EPA_ www
static (inside,outside) tcp 66.173.204.219 8080 netmask 255.255.255.255 0 0
I tried to put in static (inside,outside) 66.173.204.219 192.168.30.30 netmask 255.255.255.255 0 0
and I get
WARNING: mapped-address conflict with existing static
tcp from inside:192.168.30.30/8080 to outside:66.173.204.219/80 netmask 255.
255.255.255
WARNING: real-address conflict with existing static
tcp from inside:192.168.30.30/8080 to outside:66.173.204.219/80 netmask 255.
255.255.255
I then removed static (inside,outside) tcp 66.173.204.219 8080 netmask 255.255.255.255 0 0
and added static (inside,outside) 66.173.204.219 192.168.30.30 netmask 255.255.255.255 0 0
Still no luck externally
Any ideas on what to fix or change?
The application that I am having problems with is running on port 8080 on the same IIS server
It is running internally on port 80 with an IP address of 192.168.30.30 and has a index page that redirects to port 8080 which is where the application runs on tomcat, allowing internal DNS by name.
The IIS server has 2 IP addresses assigned 192.168.30.20 for all port 80 sites and 192.168.30.30 for the site on 8080
All sites work fine internally and all sites on port 80 work externally
Externally I cannot get to the site on 66.173.204.219 either by IP or DNS
The external IP is 66.173.204.219 and Internal is 192.168.30.30
Here are the rules that I have on the PIX 515e firewall for this
object-group network EPA_www
description All servers providing to the outside
network-object host 66.173.204.219
access-list acl_out permit tcp any host 66.173.204.219 eq www
access-list acl_outside permit tcp any object-group EPA_ www
static (inside,outside) tcp 66.173.204.219 8080 netmask 255.255.255.255 0 0
I tried to put in static (inside,outside) 66.173.204.219 192.168.30.30 netmask 255.255.255.255 0 0
and I get
WARNING: mapped-address conflict with existing static
tcp from inside:192.168.30.30/8080 to outside:66.173.204.219/80 netmask 255.
255.255.255
WARNING: real-address conflict with existing static
tcp from inside:192.168.30.30/8080 to outside:66.173.204.219/80 netmask 255.
255.255.255
I then removed static (inside,outside) tcp 66.173.204.219 8080 netmask 255.255.255.255 0 0
and added static (inside,outside) 66.173.204.219 192.168.30.30 netmask 255.255.255.255 0 0
Still no luck externally
Any ideas on what to fix or change?