Link to home
Start Free TrialLog in
Avatar of copio
copioFlag for United States of America

asked on

How do I get my website on the web using a PIX501 (via the PDM) and a DNS forwarding service (www.no-ip.com)?

I'm currently using www.no-ip.com for DNS forarding and a Cisco PIX501 to get my website on the internet.  The issue is that no matter what I do it won't get through my firewall, or so it seems.  I did a port scan to see if port 80 was open from the web and it appears to be closed/secured/stealth.  I'm using Windows 2003 Server Standard Edition with IIS 6.0, the server is a DC running DNS.  I beleive I created the right rules on the router but I can't get this to work.  FYI, I'm using the PDM, not the command interface, I'm fairly new to the PIX501 but do have a little excperience.  Also, I used to use a Linksys router and the website went through fine, I wonder if it is a combination of the firewall and IIS6.
Avatar of rsriprac
rsriprac
I would start off by connecting on a regular hub and see if you could connect to the webserver.  If it does connect, then its obviously the PIX unit,  if not then your IIS is not worrking properly.

"I wonder if it is a combination of the firewall and IIS6."

This would be impossible since they sit on different layers, if IIS is working then it is definitly the firewall.  On the firewall, try turning off all protection and see if that makes a difference.  Also try to connect to the webserver via IP and not by its name since you might have some DNS problems.

I suspect it is the PIX firewall, but try out the different tests and reduce it to the PIX firewall.  So if it is the PIX firewall, then like I mention, open all the ports on the firewall and it should work.  Then from there start to shut down the various ports.

Make sure the rules are proper also.  HTTP uses port 80 for incoming request but for it outgoing, it might send it out on different ports. One thing that might help is running a packet/network analyser like ethereal (http://www.ethereal.com/) and see exactly whats going on.

I hope this helps,

-Ram
SOLUTION
Avatar of Tim Holman
Tim Holman
Flag of United Kingdom of Great Britain and Northern Ireland image
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of copio
copio
Flag of United States of America image

ASKER

I beleive I have everything setup, however I can't get to port 80 inbound from the web therefore my website is not accessible.  How do I open port 80 on the PIX501?  I ran a port scan from the outside and it shows that port 80 is closed/stealth.  Thanks...
Avatar of copio
copio
Flag of United States of America image

ASKER

Do I need to use the DNS entries from www.no-ip.com as well?  I don't think so, but thought I'd ask.
ASKER CERTIFIED SOLUTION
Avatar of rsriprac
rsriprac
Link to home
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
Start Free Trial
Avatar of Tim Holman
Tim Holman
Flag of United Kingdom of Great Britain and Northern Ireland image
Could you post up your PIX config, then we will fix it.  :)
Avatar of copio
copio
Flag of United States of America image

ASKER

I'll get my PIX config and post so we can get to the bottom of this, I'm still having the same issue.  Sorry I haven't gotten but I'ev been busy.
Avatar of copio
copio
Flag of United States of America image

ASKER

I'm going to close this out since I finally figured it out.  I had to do some work on the PIX and in the process my ISP shut down port 80, so I'm using a different port now and I'm all set.  They threw me for a loop because they shut down port 80 while I was troubleshooting this issue, port 80 use to be open.  The ISP is Optimum Online/CableVision.
Avatar of Tim Holman
Tim Holman
Flag of United Kingdom of Great Britain and Northern Ireland image
That wasn't very nice of them !