Question

Locked

506e pix external IP not coming through

By linuxsoontobe ·
I am currently having some problems with my Cisco pix firewall 506e. Everything was running fine. I have NAT setup to do the resolution from external IP's to internal IP's. I ran these commands to do the resolution:

access-list outsideinbound permit tcp any host [externalIP] eq 8080

static (inside,outside) tcp [externalIP] 8080 [internalIP] 8080 netmask 255.255.255.255 0 0


access-list outsideinbound permit tcp any host [externalIP] eq smtp

static (inside,outside) tcp [externalIP] smtp [internalIP] smtp netmask 255.255.255.255 0 0

I am using a non-standard port to access my websever/mailserver and such. Everything was working fine. My DNS properly routes to the externalIP for my website/mailserver. And the day before I was able to use the http://FQDN:8080 to access my websever/mailserver. Then the next day it just stopped working I can't access my webmail/server using http://FQDN:8080 FQDN:25 (for my email client) , immediatley I thought it was my DNS, but I checked and it was not. To be sure I tried connecting using just the external IP and THAT DIDN'T WORK EITHER!!! e.g. : http://[externalIP]:8080 [externalIP]:25 . PLEASE NOTE using the internalIP's work. the ODD THING is that gmail and other webservers are able to still send mail to me. I checked an online tool that checks for open ports and all the ports say are open, yet I cannot connect using the IP address. This is very perplexing because the day before everything was working. Please help!!!!!!!

This conversation is currently closed to new comments.

2 total posts (Page 1 of 1)  
| Thread display: Collapse - | Expand +

All Answers

Collapse -

if you use IPs with port #s they don't work?

by CG IT In reply to 506e pix external IP not ...

firewall is blocking it them. so you need to look at your ACLs and not use the /32 subnet mask [all 1s]. That's an invalid subnet mask

Back to Networks Forum
2 total posts (Page 1 of 1)  

Related Discussions

Related Forums