Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
259
Views
0
Helpful
2
Replies

Access problem to Web server behind a PIX

ericavar
Level 1
Level 1

‎06-08-2005 09:47 AM - edited ‎02-21-2020 12:11 AM

Hi,

I have a problem with a PIX firewall 501 6.3.4

When I try to access to a web server located behind the secure interface, the connection hangs.

I put a sniffer (Ethereal) on my computers (2 for the test).

I can see a lot of [PSH,ACK], [TCP previous segment lost], [TCP DUP ACK] on one of them and the connection needs almost 5 minutes.

On the second one, just [PSH,ACK] and the connection is made after one or two minutes.

When I try to access a similar Web server on another network with another PIX as firewall, the traces don't show any PSH or DUP ACK.

I'm trying to find informations about changing TCP/IP parameters on the Web server but I dont know where to search.

Any help will be appreciated.

Regards.

0 Helpful
2 Replies 2

a.alekseev
Level 7
Level 7

‎06-08-2005 11:08 PM

Is your configuration on the PIX correct?

0 Helpful

ericavar
Level 1
Level 1
In response to a.alekseev

‎06-09-2005 05:24 AM

I hope !

One thing is not regular. The internal IP address are public adresses (128.x.x.x)... and my customer cannot change them for the moment.

Here is some of my configuration :

access-list outside_access_in permit tcp any interface outside eq 2080

static (inside,outside) tcp interface 2080 inside_web_server 2080 netmask 255.255.255.255 0 0

access-group outside_access_in in interface outside

I don't thing I need much more to make the access work to inside.

Do you want the entire configuration ?

Regards

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card