Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
1005
Views
0
Helpful
3
Replies

Problem to access the web server from outside

sroodit81
Level 1
Level 1

‎07-16-2018 12:35 AM - edited ‎02-21-2020 07:59 AM

hi dears

please i have problem to access my web server from outside

my scenario it is have multiple network subnet like in the diagram

and i enable the routing between all

please can you support me to fixing my problem

my network.PNG

Labels:
myconfig.txt
Preview file
7 KB
0 Helpful
3 Replies 3

Bogdan Nita
VIP Alumni
VIP Alumni

‎07-16-2018 04:22 AM

Config looks ok, it must be a combination between bridge-group and nat.

Did you try to configure the static nat as policy without "after-auto" instead of object nat ?

What is the output from packet-tracer input outside tcp 1.1.1.1 1025 56.56.56.3 80 ?

 

HTH

Bogdan

0 Helpful

sroodit81
Level 1
Level 1
In response to Bogdan Nita

‎07-16-2018 04:31 AM

i don't run this configuration in packet trace

i just used packet trace to design my scenario

and i run same configuration with direct connect to Web server it be ok to access but when i have multiple subnet i missing the access to web server

also i have ping from the ASA to All subnet and And vice versa

0 Helpful

Bogdan Nita
VIP Alumni
VIP Alumni
In response to sroodit81

‎07-16-2018 06:19 AM

I meant the packet-tracer command.

https://www.cisco.com/c/en/us/td/docs/security/asa/asa-command-reference/I-R/cmdref2/p1.html

Why do you need the bridge-group if you are routing all internal networks to 172.17.20.2 ?

If bridge-group is not necessary i would recommend removing it.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card
Top