[Okta Webinar] Learn how to a build a cloud-first strategyRegister Now

x
?
Solved

Setting up Web Server behind Cisco 2600 Router and Pix Firewall

Posted on 2007-10-09
5
Medium Priority
?
439 Views
Last Modified: 2008-01-09
Our company has a back up T1 through Sprint that we use for outgoing traffic only at the moment. We would like to know add a webserver to that circuit behind the firewall but accssible from the public side. How do I configure the router and Pix to make this happen. Here is the pertinent information:
2600 Router
Public IP Block 208.xxx.xxx.0 - 208.xxx.xxx.15 255.255.255.240
208.xxx.xxx.1 is on FastEthernet0/0
160.xxx.xxx.66 255.255.255.252 is on Serial0/0
Pix Firewall
ip address outside 208.xxx.xxx.2 255.255.255.240
ip address inside 192.168.1.2 255.255.252.0

Web Server IP: 192.168.1.50

I have been told by our provider we can use 208.xxx.xxx.15 as the public address to route.
0
Comment
Question by:andrishelp
  • 3
  • 2
5 Comments
 
LVL 12

Expert Comment

by:Freya28
ID: 20044619
you have to create a static mapping and open an access-list on the PIX

static(inside,outside) chooseavailablepublicip 192.168.1.50

access-list acl_in permit tcp any host chooseavailablepublicip eq 80
access-group acl_in in interface outside.

that is it.  these 3 commands.  the value for chooseavailablepublicip will be an available public ip that you have from your block of public ips that are on that line  Public IP Block 208.xxx.xxx.0 - 208.xxx.xxx.15 255.255.255.240
0
 

Author Comment

by:andrishelp
ID: 20048780
One more question: If my ISP (Sprint) is directing the 208.xxx.xxx.15 address to my router, do I need to set up anything on the router to then route that address to the PIX?
0
 
LVL 12

Accepted Solution

by:
Freya28 earned 2000 total points
ID: 20050665
all of thge ip's in that block should laready be on your line.  but is .15 your broadcast? if so you cant use that.  try .14 or another one.
0
 

Author Comment

by:andrishelp
ID: 20051820
You are correct. I believe .15 is the broadcast.I will use .14. Thanks for you help.
0
 
LVL 12

Expert Comment

by:Freya28
ID: 20051996
glad to help.  good luck
0

Featured Post

New feature and membership benefit!

New feature! Upgrade and increase expert visibility of your issues with Priority Questions.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

How to set-up an On Demand, IPSec, Site to SIte, VPN from a Draytek Vigor Router to a Cyberoam UTM Appliance. A concise guide to the settings required on both devices
I recently attended Cisco Live! in Las Vegas, a conference that boasted over 28,000 techies in attendance, and a week of hands-on learning hosted by a solid partner with which Concerto goes to market.  Every year, Cisco displays cutting-edge technol…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…

873 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question