ā11-06-2012 01:36 AM - edited ā03-11-2019 05:19 PM
Hi all,
I have an issue with portforwarding in my teleeye cctv behind asa 8.4.
I can browse the DVR outside via http however when i attempt to login, "server busy" will prompt afterwards.
Note: Theres no issue when acesssing the DVR locally.
Heres my config.
OUTSIDE INTERFACE:
interface Ethernet0/3
speed 100
duplex full
nameif bayan
security-level 0
ip address 10.10.10.2 255.255.255.252
INSIDE INTERFACE:
interface Ethernet0/0.249
vlan 249
nameif internal
security-level 100
ip address 1.1.1.1 255.255.255.0
OBJECT NETWORK:
object network cctv
host 1.1.1.10
STATIC NAT:
object network cctv
nat (internal,bayan) static interface service tcp www 28188
OUTBOUND ACL:
access-list internal_access-in extended permit tcp host 1.1.1.10 eq www any log
INBOUND ACL:
access-list outside-in extended permit tcp any host 1.1.1.10 eq www
ACCESS-GROUP:
access-group internal_access-in in interface internal
access-group outside-in in interface bayan
Note: The box have CSC-SSM, is there a connection with the configuration of the module?
Thanks.
ā11-06-2012 01:53 AM
Hello Roel,
You meant to say that, when you browse the server using outside interface,, you are getting page ? and when you give username and password , you are getting the error ? is that the issue ?
regards
Harish
ā11-06-2012 05:27 PM
Hi Harish,
Yes, that is the issue.
Is there something wrong with my configuration?
Thanks,
Roel
ā11-06-2012 11:52 PM
Hello Roel,
Can you modify the inside acl as follows ad try
access-list internal_access-in extended permit ip host 1.1.1.10 any
I suspect the reverse traffic is somehow getting blocked
regards
Harish.
ā11-07-2012 12:01 AM
Hi Harish,
Client informed that they modify http port of their DVR to 1024.
I change www in my nat and acl to 1024 and it works.
Thanks,
Roel
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: