Solved

Web server hosting the port 80 redirection cannot access itself

Posted on 2007-12-05
2
276 Views
Last Modified: 2010-04-09
Port 80 on the external address of our Pix 501 (68.179.x.y) is redirected to our internal Web Server at  ip address 10.200.6.25. Everyone can access the web site properly, internal as well as external clients. Except from the Web server itself. If I go to address 68.179.x.y in IE from the web server itself, I get Page Cannot be displayed.

Is this a normal Cisco Pix behaviour preventing a redirected host to access itself from the external interface, or is it a misconfiguration on our part ?
0
Comment
Question by:ndidomenico
2 Comments
 
LVL 19

Accepted Solution

by:
nodisco earned 500 total points
ID: 20415078
No its quite normal.  The PIX won't let traffic go back in the interface it originates from - the originating traffic is going out the PIX outside ip as thats where the address is but needs to come back in as its port-forwarded internally.

won't work.

If you want a quick workaround - put a DNS A record for the URL name - e.g. www.mycompany.com to the 10.200.6.25 address on your DNS server - or even just create an entry for this in the hosts file
0
 

Author Comment

by:ndidomenico
ID: 20419264
What is the security or technical reason for the Pix to block this form of out/in traffic ? This Pix is replacing a low-end Linksys router which was not blocking this sort of traffic.

For the workaround, I'm afraid it won't work in this case. Displaying the web page we need is done by first going to another web page on the Internet, which has a link that brings us to our web page, except that the link on that site is using an IP address (the external ip of the Pix) instead of a url name. Can we get arout this without having to modify this external web page ?
0

Featured Post

Is Your Active Directory as Secure as You Think?

More than 75% of all records are compromised because of the loss or theft of a privileged credential. Experts have been exploring Active Directory infrastructure to identify key threats and establish best practices for keeping data safe. Attend this month’s webinar to learn more.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

This is about downgrading PIX Version 8.0(4) & ASDM 6.1(5) to PIX 7.2(4) and ASDM 5.2(4) but with only 64MB RAM and 16MB flash. Background: You have a Cisco Pix 515E which was running on PIX 7.2(4) and its supporting ASDM 5.2(4) without any i…
From Cisco ASA version 8.3, the Network Address Translation (NAT) configuration has been completely redesigned and it may be helpful to have the syntax configuration for both at a glance. You may as well want to read official Cisco published AS…
This is a video describing the growing solar energy use in Utah. This is a topic that greatly interests me and so I decided to produce a video about it.
Need to grow your business through quality cloud solutions? With everything required to build a cloud platform and solution, you may feel like the distance between you and the cloud is quite long. Help is here. Spend some time learning about the Con…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

19 Experts available now in Live!

Get 1:1 Help Now