Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
867
Views
0
Helpful
3
Replies

Server access https outside http inside

mbluemel
Level 1
Level 1

‎01-20-2011 01:41 AM - edited ‎03-11-2019 12:37 PM

Hi all

I have a customer who wants to publish a web server that will only accept http traffic. As it will be accessed over the internet he was hoping to use https up to the firewall and then http inside. I have tried setting this up in a lab type environment but it doesnt work. Is it possible to even do this?

Here are the lines I have added:

static (noc,outside) tcp x.x.x.x https SNMPserver www netmask 255.255.255.255
access-list outside-access-in extended permit tcp any host x.x.x.x eq https

The device is a 5510 ASA running 8.2(3)

Labels:
0 Helpful
3 Replies 3

handsy
Level 1
Level 1

‎01-20-2011 05:24 AM

I don't believe this is possible.

The ASA can redirect *to* https but not from it. For that you would need something like an F5 LTM device to do SSL offloading.

Hope this helps?

0 Helpful

mbluemel
Level 1
Level 1
In response to handsy

‎01-21-2011 02:36 AM

I thought it may not be possible but was getting more hopeful when it accepted the config change. Thanks for replying anyway.

0 Helpful

shzaman
Level 1
Level 1

‎01-22-2011 01:35 PM

Hi,

The lines mentioned in question should redirect port 443 traffic on IP: x.x.x.x to SNMP server on port:80. But if the x.x.x.x IP address is of outside interface (interface keyword is used) then we should keep in mind that if some service (like webvpn, https-asdm) is running on outside interface then ASA will be using 443 port which is default for webvpn and HTTPS (ASDM). But this is about redirection that is not making connection secure till ASA.

I hope this helps.

-Shahid

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card