cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1556
Views
0
Helpful
16
Replies

outside access

Liam Dwyer
Level 1
Level 1

Hello,

I am having a beat my head against the wall moment.  Trying to put in a access-list statement for an external IP to a DMZ ip address allowing only 80 and 443.  this is the statement -

access-list outside_access_in line 4 extended permit tcp host 12.133.197.99 eq www host 192.168.1.11 eq www

here is the packet-tracer output....

Obviously getting dropped but where?!?!?!

Phase: 1

Type: ACCESS-LIST

Subtype:

Result: ALLOW

Config:

Implicit Rule

Additional Information:

MAC Access list

Phase: 2

Type: ROUTE-LOOKUP

Subtype: input

Result: ALLOW

Config:

Additional Information:

in   192.168.1.0     255.255.255.0   dmz1

Phase: 3

Type: ACCESS-LIST

Subtype:

Result: DROP

Config:

Implicit Rule

Additional Information:

Result:

input-interface: outside

input-status: up

input-line-status: up

output-interface: dmz1

output-status: up

output-line-status: up

Action: drop

Drop-reason: (acl-drop) Flow is denied by configured rule

16 Replies 16

WOW! holy long drive for a short putt!

I am sorry that took so long.  And I thank you for bearing with my ignorance.

I did have the nat in there as of last night but I was using the tcp www https instead of the seperate nats.

thank you again!!