- Posts: 301
- Thank you received: 3
Uber newb in Linux
19 years 3 weeks ago #11066
by Bublitz
The Bublitz
Systems Admin
Hospice of the Red River Valley
Replied by Bublitz on topic Re: Uber newb in Linux
SMB its not there for some reason.
Im having trouble with my web server. Its driving me nuts.
http is running and if i type the internal ip in it works.
but from outside it doesn't I cant figure out why.
Here is my PIX setup my Terminal server word but http doesn't tried to get it to work with sonicwall also. Also when I try domain requests from DNSSRUFF.com thats works its driving me crazy.
PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password U9yuZ578sID7nF3B encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname BPIX
domain-name pfbiz.local
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list Out_IN permit udp any host 216.16.67.246 eq domain
access-list Out_IN permit tcp any host 216.16.67.246 eq www
access-list Out_IN permit tcp any host 216.16.67.246 eq domain
access-list Out_IN permit tcp any host 216.16.67.246 eq 3389
access-list Out_IN permit udp any host 216.16.67.246 eq 3389
pager lines 24
mtu outside 1500
mtu inside 1500
ip address outside 216.16.67.246 255.255.252.0
ip address inside 10.11.11.254 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 10.11.11.0 255.255.255.0 0 0
nat (inside) 1 10.11.12.0 255.255.255.0 0 0
static (inside,outside) tcp 216.16.67.246 domain 10.11.11.60 domain netmask 255.
255.255.255 0 0
static (inside,outside) udp 216.16.67.246 domain 10.11.11.60 domain netmask 255.
255.255.255 0 0
static (inside,outside) tcp 216.16.67.246 www 10.11.11.60 www netmask 255.255.25
5.255 0 0
static (inside,outside) tcp 216.16.67.246 3389 10.11.11.50 3389 netmask 255.255.
255.255 0 0
static (inside,outside) udp 216.16.67.246 3389 10.11.11.50 3389 netmask 255.255.
255.255 0 0
access-group Out_IN in interface outside
route outside 0.0.0.0 0.0.0.0 216.16.64.1 1
route inside 10.11.12.0 255.255.255.0 10.11.11.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ protocol tacacs+
aaa-server LOCAL protocol local
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
telnet timeout 5
ssh timeout 5
console timeout 0
terminal width 80
Cryptochecksum:8fac0fbadaf2dd9f0d7d0fafee5a1cda
: end
When enabling the debug packet outside it will log any incoming and outgoing packets that pass through the outside interface. Not sure if it logs packets that will be dropped though. WHen I go on dnsstuff.com and do a DNSreport. It logs the packets coming in and out. When I go to my web brower and type 216.16.67.246 nothing happens. I cannot understand why DNS will work but not http if you look at the config its the same setup! So I dont think I have my web server misconfigured but I could be wrong. Even if i dont got it configured right you would think the cisco would be logging packets...
Im having trouble with my web server. Its driving me nuts.
http is running and if i type the internal ip in it works.
but from outside it doesn't I cant figure out why.
Here is my PIX setup my Terminal server word but http doesn't tried to get it to work with sonicwall also. Also when I try domain requests from DNSSRUFF.com thats works its driving me crazy.
PIX Version 6.3(3)
interface ethernet0 auto
interface ethernet1 auto
nameif ethernet0 outside security0
nameif ethernet1 inside security100
enable password U9yuZ578sID7nF3B encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
hostname BPIX
domain-name pfbiz.local
fixup protocol dns maximum-length 512
fixup protocol ftp 21
fixup protocol h323 h225 1720
fixup protocol h323 ras 1718-1719
fixup protocol http 80
fixup protocol rsh 514
fixup protocol rtsp 554
fixup protocol sip 5060
fixup protocol sip udp 5060
fixup protocol skinny 2000
fixup protocol smtp 25
fixup protocol sqlnet 1521
fixup protocol tftp 69
names
access-list Out_IN permit udp any host 216.16.67.246 eq domain
access-list Out_IN permit tcp any host 216.16.67.246 eq www
access-list Out_IN permit tcp any host 216.16.67.246 eq domain
access-list Out_IN permit tcp any host 216.16.67.246 eq 3389
access-list Out_IN permit udp any host 216.16.67.246 eq 3389
pager lines 24
mtu outside 1500
mtu inside 1500
ip address outside 216.16.67.246 255.255.252.0
ip address inside 10.11.11.254 255.255.255.0
ip audit info action alarm
ip audit attack action alarm
pdm history enable
arp timeout 14400
global (outside) 1 interface
nat (inside) 1 10.11.11.0 255.255.255.0 0 0
nat (inside) 1 10.11.12.0 255.255.255.0 0 0
static (inside,outside) tcp 216.16.67.246 domain 10.11.11.60 domain netmask 255.
255.255.255 0 0
static (inside,outside) udp 216.16.67.246 domain 10.11.11.60 domain netmask 255.
255.255.255 0 0
static (inside,outside) tcp 216.16.67.246 www 10.11.11.60 www netmask 255.255.25
5.255 0 0
static (inside,outside) tcp 216.16.67.246 3389 10.11.11.50 3389 netmask 255.255.
255.255 0 0
static (inside,outside) udp 216.16.67.246 3389 10.11.11.50 3389 netmask 255.255.
255.255 0 0
access-group Out_IN in interface outside
route outside 0.0.0.0 0.0.0.0 216.16.64.1 1
route inside 10.11.12.0 255.255.255.0 10.11.11.2 1
timeout xlate 3:00:00
timeout conn 1:00:00 half-closed 0:10:00 udp 0:02:00 rpc 0:10:00 h225 1:00:00
timeout h323 0:05:00 mgcp 0:05:00 sip 0:30:00 sip_media 0:02:00
timeout uauth 0:05:00 absolute
aaa-server TACACS+ protocol tacacs+
aaa-server TACACS+ protocol tacacs+
aaa-server LOCAL protocol local
no snmp-server location
no snmp-server contact
snmp-server community public
no snmp-server enable traps
floodguard enable
telnet timeout 5
ssh timeout 5
console timeout 0
terminal width 80
Cryptochecksum:8fac0fbadaf2dd9f0d7d0fafee5a1cda
: end
When enabling the debug packet outside it will log any incoming and outgoing packets that pass through the outside interface. Not sure if it logs packets that will be dropped though. WHen I go on dnsstuff.com and do a DNSreport. It logs the packets coming in and out. When I go to my web brower and type 216.16.67.246 nothing happens. I cannot understand why DNS will work but not http if you look at the config its the same setup! So I dont think I have my web server misconfigured but I could be wrong. Even if i dont got it configured right you would think the cisco would be logging packets...
The Bublitz
Systems Admin
Hospice of the Red River Valley
Time to create page: 0.112 seconds