ASA Firewall Issue to access Webserver

I have problem to access new website from outside. Connection from outside as Router > ASA 5520 > CSS > Web Server. Web server is in DMZ. I am able to access website from inside. seems Firewall access list not showing any hitcount. below is show nat and show access-list result


#Sh NAT
match ip web&sp_dmz host VMCOLLABSP-CancerTodaymag outside any
    static translation to 12.39.245.56
    translate_hits = 0, untranslate_hits = 1160

#Sh Access-List
access-list outside_access_in line 71 remark CancerTodaymag.org
access-list outside_access_in line 72 extended permit tcp any host 12.39.245.56 object-group Web_TCP_Ports 0x62b5b0b0
access-list outside_access_in line 72 extended permit tcp any host 12.39.245.56 eq www (hitcnt=0) 0xbc7a243e
access-list outside_access_in line 72 extended permit tcp any host 12.39.245.56 eq https (hitcnt=0) 0xefc064a4

sumod_jacobSenior IT ManagerAsked:
Who is Participating?
 
sumod_jacobConnect With a Mentor Senior IT ManagerAuthor Commented:
Solved... this was an explicit deny ACL issue in Firewall... Thanks
0
 
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
access-list outside_acl extended permit tcp any host 12.39.245.56 eq https

Open in new window

permit access to inside to your exchange website which is https .. try it
0
 
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
sorry i missed something , you are unable to access it from outside?
btw check this article explain logging in ASA

http://www.ciscopress.com/articles/article.asp?p=424447&seqNum=3
0
Get Cisco Certified in IT Security

There’s a high demand for IT security experts and network administrators who can safeguard the data that individuals, corporations, and governments rely on every day. Pursue your B.S. in Network Operations and Security and gain the credentials you need for this high-growth field.

 
Maen Abu-TabanjehConnect With a Mentor Network Administrator, Network ConsultantCommented:
also check if you have these settings that can let OWA working well :

 static (inside,outside) tcp <public ip> http <server ip> http netmask 255.255.255.255
 static (inside,outside) tcp <public ip> https <server ip> https netmask 255.255.255.255

access-list outside_in permit tcp any host <public ip> eq http
access-list outside_in permit tcp any host <public ip> eq https
access-group outside_in in  interface outside
0
 
sumod_jacobSenior IT ManagerAuthor Commented:
Issue solved by myself
0
 
sumod_jacobSenior IT ManagerAuthor Commented:
ee
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.