Tim Lewis
asked on
accessing websites with cisco firewall
Just a general question looking for suggestions. We have had some minor issues with accessing websites externally. We use a cisco firewall that has been in place for about 5 years. What will happen is non-NAT machines will not be able to access a certain website through the firewall it comes back unavailable. Machines that are NAT addressed will access this site fine and the same non-NAT machines have no issues on other networks. This only happens for maybe one out of 10000 websites we try to access. I have no clue what it could be or even if it is on our side. I am looking for suggestions as to where to start.
Have you viewed the logs and see if your answer jumps out at you after an unsuccessful attempt?
Agree, first check the logs. If you know any particular site that has this problem you can force an error and meanwhile check the logs.
ASKER
I see nothing in the logs that shows anything for my IP address or the IP of the site I am trying to access.
Ok, you talked about non-nat machines. Does that mean they use a public IP address?
ASKER
They are the ones without a public IP.
Ehr, let me first try to get the picture. You have natted and non-natted machines. Imho that would mean that some have private IPs and are natted through the firewall and others have public IPs and aren't natted.
Am I even close in this assumption?
Am I even close in this assumption?
ASKER
correct. the non-NAT use the firewall IP for outside access when the NAT each have their own public IP
Well, NAT means Network Address Translation, in other words NATted machines' IP addresses are changed on the firewall. Non-NATed machines use public IPs
So, those public ip's are 'yours' ?
Furthermore, what is the reason you have set things up this way (natted an non-natted)? And I agree with fgasimzade on the terminology for that matter :)
Furthermore, what is the reason you have set things up this way (natted an non-natted)? And I agree with fgasimzade on the terminology for that matter :)
Have you checked your DNS settings? J/C
ASKER CERTIFIED SOLUTION
membership
This solution is only available to members.
To access this solution, you must be a member of Experts Exchange.
ASKER
It is the only answer that is close.