
Inbound traffic problems...

e3consulting
Level 1

Well, it all seems pretty straightforward. I must be missing something, but I cannot for the life of me see it. Traffic is flowing out just fine, but no OWA or Remote Desktop Web Connection (does this use port 3389??). Exchange mail does flow in and out just fine!

Here is my config, is there a problem?

prompt(config)# show conf

: Saved

: Written by enable_15 at 04:51:04.796 UTC Fri Sep 23 2005

PIX Version 6.3(4)

interface ethernet0 auto

interface ethernet1 auto

nameif ethernet0 outside security0

nameif ethernet1 inside security100

enable password

passwd

hostname xxxxxxxx

fixup protocol dns maximum-length 512

fixup protocol ftp 21

fixup protocol h323 h225 1720

fixup protocol h323 ras 1718-1719

fixup protocol http 80

fixup protocol rsh 514

fixup protocol rtsp 554

fixup protocol sip 5060

fixup protocol sip udp 5060

fixup protocol skinny 2000

no fixup protocol smtp 25

fixup protocol sqlnet 1521

fixup protocol tftp 69

names

access-list email permit tcp any host x.x.x.x eq smtp

access-list email permit tcp any host x.x.x.x eq www

access-list email permit icmp any any echo-reply

access-list email permit icmp any any time-exceeded

access-list email permit icmp any any unreachable

access-list email permit tcp any host x.x.x.x eq https

pager lines 21

logging monitor debugging

logging buffered debugging

mtu outside 1500

mtu inside 1500

ip address outside x.x.x.x x.x.x.x

ip address inside 10.0.0.1 255.255.255.0

ip audit info action alarm

ip audit attack action alarm

pdm history enable

arp timeout 14400

global (outside) 1 interface

static (inside,outside) tcp interface smtp 10.0.0.11 smtp netmask 255.255.255.255 0 0

static (inside,outside) tcp interface https 10.0.0.11 https netmask 255.255.255.255 0 0

static (inside,outside) tcp interface www 10.0.0.8 www netmask 255.255.255.255 0 0

access-group email in interface outside

route outside 0.0.0.0 0.0.0.0 x.x.x.x 1

timeout xlate 1:00:00

timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00

timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00

timeout uauth 0:05:00 absolute

aaa-server TACACS+ protocol tacacs+

aaa-server TACACS+ max-failed-attempts 3

aaa-server TACACS+ deadtime 10

aaa-server RADIUS protocol radius

aaa-server RADIUS max-failed-attempts 3

aaa-server RADIUS deadtime 10

aaa-server LOCAL protocol local

http server enable

http 0.0.0.0 0.0.0.0 inside

no snmp-server location

no snmp-server contact

snmp-server community public

no snmp-server enable traps

floodguard enable

telnet timeout 5

ssh timeout 5

console timeout 25

dhcpd address 10.0.0.30-10.0.0.100 inside

dhcpd dns 10.0.0.8

dhcpd wins 10.0.0.8

dhcpd lease 3600

dhcpd ping_timeout 750

dhcpd enable inside

terminal width 80

prompt(config)#

16 Replies

Well, that was it. Everything is working perfectly. Thank you for the patience and help you have given a complete PIX rookie. All this time, I configured it correctly but just did not test it properly. Committed the cardinal sin, I assumed based on experience with the SonicWall device.

Again, thank you!

Mike

It's good to learn that your issue has been resolved.

According to Cisco:

Why should I rate posts?

If you see a post that you think deserves recognition, please take a moment to rate it.

You'll be helping yourself and others to quickly identify useful content -- as determined by members. And you'll be ensuring that people who generously share their expertise are properly acknowledged. As posts are rated, the value of those ratings are accumulated as "points" and summarized on the Member Profile page and on each member's Preferences page.