cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
662
Views
1
Helpful
3
Replies

Web Server not accessible behind FMC

Rolling out new FMC deployment the Web server, Web sights are not reachable. Doing google search the redirect times out, but typing https://wxyz.com takes you to the VPN login. Doing packet trace it shows all traffic is allowed. Changed ports for web server and no change. I have added ACL and NAT for Web Server and VPN bellow.  

Not sure what is missing 

 

 

3 Replies 3

balaji.bandi
Hall of Fame
Hall of Fame

what version of FTD / FMC

i tried some time back using FDM in my Lab still works. (same stepd FMC should work) - try packet tracer

https://www.balajibandi.com/?p=1855

check this thread :

https://community.cisco.com/t5/network-security/cisco-fmc-nat/m-p/4825506

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

Running 7.0.5, I will give this a try tomorrow and let you know. Thanks

Update not sure what's going on FMC will not let me add the Auto NAT rule. Says cannot add a rule when port is in use? With current config I am getting the following drop when doing packet tracer. 

Phase: 9
Type: NAT
Subtype: rpf-check
Result: DROP
Config:
nat (Outside,Inside_Trunk) source static any interface destination static Web_Svr_New any
Additional Information:

Any suggestions I should try.

Review Cisco Networking for a $25 gift card