New installation Cisco ASA 5505

0 Votes

New installation Cisco ASA 5505

Hi I'm trying to configure a Cisco ASA 5505 and having some problem with the http traffic to an inside server.

My hardware configuration:

Internet with static IP -> Cisco ASA 5505 -> Server

I want the server to act as web server.

I can access the Internet from the server but no port 80 traffic can reach the server.

My interfaces are:
outside ethernet0/0 enabled security level 0 <static ip> vlan1
inside ethernet0/1-7 enable security level 100 vlan2

No Type Source Destination interface address
1 dynamic inside/network any outside outside
1 static <static ip>http any inside

Security Policy:
No Enabled Source Destination Service Action
1 any any less secure ip permit
2 any any ip deny
1 Y any inside-network http permit
2 Y any any icmp permit
3 any any ip deny

I am using ASDM to configure...

The configuration:

ASA Version 7.2(2)
hostname XXXXX
domain-name default.domain.invalid
enable password fg7usdfsBsdff encrypted
interface Vlan1
nameif outside
security-level 0
ip address <ip from ISP>
ospf cost 10
interface Vlan2
nameif inside
security-level 100
ip address
ospf cost 10
interface Ethernet0/0
interface Ethernet0/1
switchport access vlan 2
interface Ethernet0/2
switchport access vlan 2
interface Ethernet0/3
switchport access vlan 2
interface Ethernet0/4
switchport access vlan 2
interface Ethernet0/5
switchport access vlan 2
interface Ethernet0/6
switchport access vlan 2
interface Ethernet0/7
switchport access vlan 2
passwd 2sdadbNIdI.2asdU encrypted
boot config disk0:/startup-config
ftp mode passive
dns server-group DefaultDNS
domain-name default.domain.invalid

access-list outside_access_in extended permit icmp any any
access-list outside_access_in extended permit tcp any host <ip from ISP>
access-list inside_access_in extended permit ip any any
pager lines 24
logging enable
logging asdm informational
mtu outside 1500
mtu inside 1500
icmp unreachable rate-limit 1 burst-size 1
asdm image disk0:/asdm-522.bin
no asdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1
static (outside,inside) tcp www <ip from ISP> www netmask
static (inside,outside) tcp <ip from ISP> www www netmask
access-group outside_access_in in interface outside
access-group inside_access_in in interface inside
route outside <GW from ISP>
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 icmp 0:00:02
timeout sunrpc 0:10:00 h323 0:05:00 h225 1:00:00 mgcp 0:05:00 mgcp-pat 0:05:00
timeout sip 0:30:00 sip_media 0:02:00 sip-invite 0:03:00 sip-disconnect 0:02:00
timeout uauth 0:05:00 absolute
http server enable
http inside
no snmp-server location
no snmp-server contact
snmp-server enable traps snmp authentication linkup linkdown coldstart
telnet timeout 5
ssh timeout 5
console timeout 0
dhcpd address inside
dhcpd enable inside

policy-map type inspect dns preset_dns_map
message-length maximum 512
prompt hostname context
: end
asdm image disk0:/asdm-522.bin
no asdm history enable