Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
278
Views
0
Helpful
3
Replies

WEB SERVER IN DMZ

rlowe26
Level 1
Level 1

‎03-04-2004 07:47 AM - edited ‎03-09-2019 06:38 AM

I have a PIX 515E configured with a DMZ. I have my web server in the DMZ and all is working well. Well, actually too well. Outside users can access the web page on the web server via the web site Hostname.tac.org (Example). Also, outside users can access the web site via the Outside IP Address. However, when you ping or tracert the Outside IP Address of the web site/web server it TIMES OUT.

I did not think the outside would be able to access the Web Site with the Outside IP Address, as it has been changed to a 10.10.10.X address and within the DMZ. What am I missing? I have verified all of my configurations on the PIX and all are correct. Ron

Labels:
0 Helpful
3 Replies 3

mostiguy
Level 6
Level 6

‎03-04-2004 08:26 AM

you are probably blocking icmp, which is required for ping and traceroute to work.

the web site needs to be accessible by ip, that is how things work

0 Helpful

patrick.cannon
Level 1
Level 1

‎03-04-2004 09:22 AM

What Mostiguy said....

You can use hostheaders on the webserver to force them to hit it by fqdn if you don't want them to be able to do it by ip address.

0 Helpful

rlowe26
Level 1
Level 1
In response to patrick.cannon

‎03-04-2004 10:08 AM

Thanks, I put the Host Header, which took care of the problem. Ron

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents