Solved

Problems accessing web server through ASA firewall - from inside interface to DMZ

Posted on 2008-06-16
2
489 Views
Last Modified: 2011-10-19
We have a web server located in a DMZ which we cannot seem to reach via web browser from our internal network.  On one interface of our ASA 5520, we have an internal network (172.16.1.X) with security level 100 and on another interface, the DMZ (172.16.2.X) with security level 50.  The inside network has only the implicit rule to allow all traffic to less secure networks; it is NAT exempt to the DMZ segment.  We can ping the web server, and access it via RDP, but cannot see the web page via HTTP.  The web server is accessible from the internet, however, via either the IP address or the domain name.  I have attached a screenshot of the error message that IE gives when attempting to access the website via its internal (DMZ) address.
connection-error.JPG
0
Comment
Question by:clewis_RPM
2 Comments
 
LVL 11

Expert Comment

by:billwharton
ID: 21798700
paste your pix config please
0
 

Accepted Solution

by:
clewis_RPM earned 0 total points
ID: 21814821
We have a Barracuda 310 inline with our firewall; this was unable to route to the DMZ network segment.  We gave it a static route (in the Barracuda interface) and now we're able to pass HTTP traffic.
0

Featured Post

Netscaler Common Configuration How To guides

If you use NetScaler you will want to see these guides. The NetScaler How To Guides show administrators how to get NetScaler up and configured by providing instructions for common scenarios and some not so common ones.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Title # Comments Views Activity
Guest Wi-Fi Marketing solution required 8 66
Cost effective dual wan w/ qos 5 29
nexus filter logs 3 29
Looking for open port with Telnet 5 34
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
In this article, I am going to show you how to simulate a multi-site Lab environment on a single Hyper-V host. I use this method successfully in my own lab to simulate three fully routed global AD Sites on a Windows 10 Hyper-V host.
Viewers will learn how to connect to a wireless network using the network security key. They will also learn how to access the IP address and DNS server for connections that must be done manually. After setting up a router, find the network security…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

863 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now