Opening up HTTP access to additional Webserver behind a PIX 515

Hi, I have a webserver which I just added to our network which I am trying to grant access to from the outside.  I added the following lines to the pix configuration:


access-list outside_access_in permit tcp any host 61.19.161.13 eq www
static (inside,outside) 61.19.161.13 192.168.103.11 netmask 255.255.255.255 0 0

I have another webserver which is currently accessible which looks to be using the same syntax as this but with different external/internal addresses for other webserver; however this one that I just added is not accessible.  Am I missing something from this config?

Thank you!
jfexchangeAsked:
Who is Participating?
 
lrmooreConnect With a Mentor Commented:
>I was given the external IP address to use by someone else, I think maybe it is not valid?
It absolutely must be given to you by your ISP, not anyone else.
It should be in the same range as the outside interface of the PIX
0
 
lrmooreCommented:
Did you clear xlate after adding the static?
Did you re-apply the access-group to the interface?

pixfirewall(config)#clear xlate
pixfirewall(config)#access-group outside_access_in in interface outside

Did you verify the correct IP address, subnet mask and default gateway on the server? Does it point to the PIX IP as its default gateway?
0
 
jfexchangeAuthor Commented:
Thanks for the quick response, I did verify the IP and clear the xlate.  I didn't think I need to re-apply the access-group on the pix, but I just did that now and recleared the xlate and it still is not working.

Could it be anything else?
I was given the external IP address to use by someone else, I think maybe it is not valid?
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.