11-06-2012 01:36 AM - edited 03-11-2019 05:19 PM
Hi all,
I have an issue with portforwarding in my teleeye cctv behind asa 8.4.
I can browse the DVR outside via http however when i attempt to login, "server busy" will prompt afterwards.
Note: Theres no issue when acesssing the DVR locally.
Heres my config.
OUTSIDE INTERFACE:
interface Ethernet0/3
speed 100
duplex full
nameif bayan
security-level 0
ip address 10.10.10.2 255.255.255.252
INSIDE INTERFACE:
interface Ethernet0/0.249
vlan 249
nameif internal
security-level 100
ip address 1.1.1.1 255.255.255.0
OBJECT NETWORK:
object network cctv
host 1.1.1.10
STATIC NAT:
object network cctv
nat (internal,bayan) static interface service tcp www 28188
OUTBOUND ACL:
access-list internal_access-in extended permit tcp host 1.1.1.10 eq www any log
INBOUND ACL:
access-list outside-in extended permit tcp any host 1.1.1.10 eq www
ACCESS-GROUP:
access-group internal_access-in in interface internal
access-group outside-in in interface bayan
Note: The box have CSC-SSM, is there a connection with the configuration of the module?
Thanks.
11-06-2012 01:53 AM
Hello Roel,
You meant to say that, when you browse the server using outside interface,, you are getting page ? and when you give username and password , you are getting the error ? is that the issue ?
regards
Harish
11-06-2012 05:27 PM
Hi Harish,
Yes, that is the issue.
Is there something wrong with my configuration?
Thanks,
Roel
11-06-2012 11:52 PM
Hello Roel,
Can you modify the inside acl as follows ad try
access-list internal_access-in extended permit ip host 1.1.1.10 any
I suspect the reverse traffic is somehow getting blocked
regards
Harish.
11-07-2012 12:01 AM
Hi Harish,
Client informed that they modify http port of their DVR to 1024.
I change www in my nat and acl to 1024 and it works.
Thanks,
Roel
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide