ASA Firewall Issue to access Webserver

I have problem to access new website from outside. Connection from outside as Router > ASA 5520 > CSS > Web Server. Web server is in DMZ. I am able to access website from inside. seems Firewall access list not showing any hitcount. below is show nat and show access-list result


#Sh NAT
match ip web&sp_dmz host VMCOLLABSP-CancerTodaymag outside any
    static translation to 12.39.245.56
    translate_hits = 0, untranslate_hits = 1160

#Sh Access-List
access-list outside_access_in line 71 remark CancerTodaymag.org
access-list outside_access_in line 72 extended permit tcp any host 12.39.245.56 object-group Web_TCP_Ports 0x62b5b0b0
access-list outside_access_in line 72 extended permit tcp any host 12.39.245.56 eq www (hitcnt=0) 0xbc7a243e
access-list outside_access_in line 72 extended permit tcp any host 12.39.245.56 eq https (hitcnt=0) 0xefc064a4

sumod_jacobSenior IT ManagerAsked:
Who is Participating?

[Product update] Infrastructure Analysis Tool is now available with Business Accounts.Learn More

x
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
access-list outside_acl extended permit tcp any host 12.39.245.56 eq https

Open in new window

permit access to inside to your exchange website which is https .. try it
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
sorry i missed something , you are unable to access it from outside?
btw check this article explain logging in ASA

http://www.ciscopress.com/articles/article.asp?p=424447&seqNum=3
0
Maen Abu-TabanjehNetwork Administrator, Network ConsultantCommented:
also check if you have these settings that can let OWA working well :

 static (inside,outside) tcp <public ip> http <server ip> http netmask 255.255.255.255
 static (inside,outside) tcp <public ip> https <server ip> https netmask 255.255.255.255

access-list outside_in permit tcp any host <public ip> eq http
access-list outside_in permit tcp any host <public ip> eq https
access-group outside_in in  interface outside
0
Turn Raw Data into a Real Career

There’s a growing demand for qualified analysts who can make sense of Big Data. With an MS in Data Analytics, you can become the data mining, management, mapping, and munging expert that today’s leading corporations desperately need.

sumod_jacobSenior IT ManagerAuthor Commented:
Solved... this was an explicit deny ACL issue in Firewall... Thanks
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
sumod_jacobSenior IT ManagerAuthor Commented:
Issue solved by myself
0
sumod_jacobSenior IT ManagerAuthor Commented:
ee
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
Exchange

From novice to tech pro — start learning today.