Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
235
Views
0
Helpful
1
Replies

Can't access DMZ web server from Internet

jkrawczyk
Level 1
Level 1

‎06-13-2005 08:47 AM - edited ‎03-09-2019 11:33 AM

Hi;

I have the following config on my 3 interface PIX but I cannot access DMZ address 65.213.200.17 from Internet. 172.30.14.11 is my DMZ web server and I allow only https.

access-list OUTSIDE_IN permit any host 65.213.200.17 eq 443

static (DMZ, outside) 65.213.200.17 172.30.14.11 netmask 255.255.255.255

access-group OUTSIDE_IN in interface outside

Please advise to what I’m missing or doing incorrectly.

Thank you kindly

Jeff

Labels:
0 Helpful
1 Reply 1

vkapoor5
Level 5
Level 5

‎06-17-2005 06:55 AM

In the first line of your config, the keyword 'tcp' is missing.

Also you should check the routing part. Can you access other hosts on the DMZ from the internet, provided you have allowed access through PIX? Check if the Webserver default gateway is configured correctly. Check any access-list on the inside interface. Is your webserver running "https" on the port 443?

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents