Cisco VPN :: Connection For Accessing Server On HTTP Port Only - ASA 5520
Mar 10, 2013
We have ASA5520 and we want to configure a VPN IPSEC profile so that a partner of ours can access only a server and only on HTTP port.I've tried configuring split tunneling with an Extended ACL but probably I'm missing something. I just configured the ACL so that it included any source to our server's IP on HTTP port but when testing, it didn't work.
However, if I configure a Standard ACL on the split tunneling I can access the server and all the services it provides.Do you know if I'm missing anything on the Extended ACL configuration?
Should I configure this any other way?
View 6 Replies
ADVERTISEMENT
Jul 18, 2011
I have a setup like this.
Foreach computer I need to go and configure the browser proxy settings and some people are getting smart and turn it to automatic configuration again.
So what i want to achieve is to have my DIR-655 to route all the HTTP/port 80 traffic to the proxy server.
That way it is transparent and then it is not needed to configure each computers browser settings.
I am pretty new to this and the router configurations.
The proxy server works fine if i configure the browser manually.
View 6 Replies
View Related
Apr 18, 2012
I need getting access to my http server. I have a host name that I configured to point to my IPS IP address. Port 80 is enabled on my server, but I can't seem to get access it from my web address [code]
View 5 Replies
View Related
Jan 7, 2013
I recently bought a EA6500 to replace a EA4500 (defective). Prior to the EA4500 I had a 160N which I now use as a WAP for 801.11G devices. I thought the 4500 was good from the media server functions it offered.However since installing the 6500 I noticed:
1. I have port forwarding for http to a web server. It works fine from machines on the outside but from my local subnet 192.168.1.x I can't access the web server (I can't even ping the external address - and yes I turned the anonymous filter off). I am not using ddns and I have a static ip address (cable modem connected) to the outside world.
View 2 Replies
View Related
Feb 5, 2013
Since a few days, when I go on Web with my cable connection, the pages of sites stay on a blank page and that does not connect. Having made diagnose, I had the following message:The distant ring road(peripheral) or the resource does not accept the connection.The ring road(peripheral) or the resource [URL] is not configured to accept the connections on the port " Web Service (HTTP) ".I phoned at my FAI ( Videotron) and having discussed for a long time, it happened at the conclusion that it was a problem of router (when I connect the computer directly on the modem, that works very well).Of an other one quoted(esteemed), a connection Wireless telegraphy works with no problem at all, fortunately because I shall not be here.I am to go to my router D-Link Dir-835 and I returned to the former(old) protection(saving) of the configuration. And now that re-works again. But the enjoyment was short-lived because this morning, the problem returned.What do you think about it? I Should make a reset of my router even if it means re-configuring everything again?
[URL]
View 2 Replies
View Related
Sep 19, 2012
I'm following what I believe to be the instructions for allowing SSH and HTTPS access, but alas, I cannot use anything but HTTP for accessing this switch.
View 3 Replies
View Related
Jun 19, 2011
I have a VPN connection to my office network. The VPN connection appears to work fine as it connects and logs me in successfully. In the connection box I have to provide a domain and my username to log in. Once the VPN is connected I am then able to ping my office computer as if I was on the same network. That is great. The problem is that there is a server on that network that defines a bunch of A records for web applications we are working on and I can't seem to hit any of those from my home computer, even though I can at work. If I remote into the office PC and navigate to these addresses they work fine. I also know that my co-worker can hit these a records from home so it has to be something I'm doing wrong.
[Code]....
View 2 Replies
View Related
Sep 30, 2011
This one is kicking my butt.I have an MPLS network with three stes.Site1 is where all my servers reside.Site2 and Site3 just have a few PC's.From Site2 and Site3 I cannot access the server at Site1 via http://IPADRESS.Of.Server.I am able to ping just fine.I thought it may be a router issue but... there is is a single PC at Site2 that can access it with out any issues.All the IP settings (Default GW, DNS, etc...) match the other PCs.The windows firewall is turned off on all PC's. AVG is disabled on the PCs.
View 9 Replies
View Related
Dec 27, 2011
i must translate port 80 from outside connection on port 85 in lan server? how can i configure the asa firewall rules for complete this task?
View 4 Replies
View Related
Mar 12, 2013
Two days ago, we changed our old 525 with asa 5520 ( ver 8.2 ). Configuration is the same, except the version. It even retains the same global interface and static public ip address as the old device.All worked well during that period.Yesterday, one of the http applications , not tested other day, was found not to be working. To test, we switched back to the old 525 , however nothing was working when we did that.Does the static statement which actually does the translation for this application carry any arp problems or so.how can i check this problem.
View 3 Replies
View Related
Jul 2, 2012
We have ASA 5520 as SSL VPN concentrator so users can access internal web from outside. Our internal web also has several internet URL. What we want is when user click internet URL in our internal web, ASA forward those request to internal proxy server. I already config proxy using port 8080 and username "companyuser" and password, but always have authentication failed on ssl vpn browser. We uses forefront TMG as proxy. Username and password have right to access Internet.
View 2 Replies
View Related
Jul 23, 2012
I've got a remote site which is connected to the headquarters via VPN site to site IP Sec tunnel. When I am in my office I have no problem to reach the remote network, but, when I try to connect to the remote network via VPN client, I can't reach it.in the remote office I've hot a Router 3800 (Cisco IOS Software, 3800 Software (C3845-DVENTERPRISEK9-M), Version 12.4(13c), RELEASE SOFTWARE (fc2)) in the headquarters I've got an ASA 5520 Version 8.0(3) I've chequed access-list, and network objects and it seems everythink ok.
local network: 10.30.0.0 0.0.0.0
remote network 10.31.0.0 0.0.0.0
ASA
object-group network remote-network
network-object 172.16.27.0 255.255.255.0
[code]....
View 3 Replies
View Related
Dec 9, 2010
I was unable to access my ASA 5520 using HTTP/HTTPS even on the management interface. I had upgrade the ASA IOS to asa832-k8.bin and ASDM to asdm-634-53.bin. But, the issue still the same.
My browser show the error message as attach image.
PGA-Firewall-02# sh run: Saved:ASA Version 8.3(2)!hostname PGA-Firewall-02enable password 8Ry2YjIyt7RRXU24 encryptedpasswd 2KFQnbNIdI.2KYOU encryptednames!interface GigabitEthernet0/0 nameif public security-level 0 ip
[Code]....
View 7 Replies
View Related
Dec 20, 2010
Right now, in my network there is no proxy server and all users go straight through the ASA to access internet. I would like to put a squid with dansguardian (for web filtering). Steps in getting all http and https traffic from ASA go via my squid?
View 18 Replies
View Related
Mar 5, 2012
I have a customer who wants his new ASA-5520 to load balance out-going traffic between 2 ISPs, fairly normal request. Now here's the twist. He wants to separate traffic based upon the protocol used, http to one ISP, https to the other.
View 3 Replies
View Related
Jan 21, 2012
i had done inter-vlan routing , attached a DNS server to that network, i didn knw how to config a server to act as http??? so that i can view webpages forn systems of that network??
View 3 Replies
View Related
Mar 20, 2011
we are having some trouble setting up our router (Cisco 861W) webserver on the LAN so that it can be accessed from outside (http via port 80). When we try to access it via the web address, we just get the login window of the Cisco router software?
View 10 Replies
View Related
Sep 12, 2011
how do I install Firefox if I cannot connect to the internet? Can I "save" it to a disc or flash drive from another computer.
View 7 Replies
View Related
Jan 10, 2012
Any way to enable the USB port of a TV to access video files held on a NAS drive?
My aim is to access the drive via wifi or ethernet.
Presumably it would need to present the drive as a mass storage device to the TV's USB port since that's basically what the port picks up.
The TV does not support DLNA and I'm trying to avoid having to buy a separate media player e.g. WD Live TV box.
View 9 Replies
View Related
May 8, 2012
I have one server-A(windows 2008) installed one application called"host front" which gives athentication to connect Linux(mainframe console)server(SERVER B). These 2 servers are bihind the firewall.If one internal user who has the athentication to logine server-B ,tried to login server A,will get the" username and password"screen and once they enter the username and password ,will get the server-B screen.But if somebody try to connet via MPLS(we need to test MPLS site customers) from outside via ASA 5540 ,to server-A will get the "username password" screen and once enter the credentials,after 1 minitue will get error"http server faild to send datas to the server" and will not move to server -B screen.Where do you think is the problem?
View 3 Replies
View Related
Jun 20, 2011
I just upgraded my ASA 5585 cluster from 8.2 to 8.4. I also upgraded the asdm .bin from 6.35 to 6.43. after rebooter the cluster, I try to access it with ASDM installed on my computer but it blocked at 17%.I tried to access [URL] but I just an error (with IE & FF) [code] What did I miss in the ocnfiguration ? I precise that I never used the http page, I already had the ASDM installed from another ASA.
View 4 Replies
View Related
Sep 16, 2012
I using IOS c2950-i6k2l2q4-mz.121-22.EA14.bin but no support command "ip http secure-server" and I not connect switch by CNA. How I fix ? Or IOS C2950 support ip http secure-server and ssh ver2 ?
View 1 Replies
View Related
Dec 29, 2011
I have a customer who used to own a 3750 with a older version of IOS. The switch he had used a three year old version of IOS which allowed him to browse to the switch IP and manage it via HTTP without entering a password at all. Now that he has a replacement switch with a new ver of IOS (since the previous switch died). We slapped the config on from the old switch but no matter what we do (understanding that new http aaa authentication commands were added) we cant get this thing to let him in without prompting him for a password. I understand this was an insecure config to begin with so I shouldn't be advocating using it in the first place, but this is what the customer wants.Basically what I'm trying to figure out is are we banging our heads into the wall for nothing as the "ip http server" will not allow an authentication method of "none" anyway? None of the offical documentation I have read for the http aaa authentication cmds shows this as an example nor have I found any blog posts on how to do it ether. Perhaps Cisco removed this by design.
Here is the config:
aaa new model
aaa authentication login default local
aaa authentication enable default none
aaa authentication login none none
ip http server
ip http authentication aaa login-authentication none
[code]....
View 1 Replies
View Related
Jun 7, 2011
I know how to access the GUI from the service port. However, I am not able to access from Port 0. IPs have all been properly set. We have a management VLAN in our enterprise. I have configured the WLC management interface for an ip on that subnet. Port 0 is connected to a 3560G switch. I have set the switch port to be an access port to the management vlan and I have tried to set the switch port as a trunk, with the native vlan set to the management vlan. I am not able to ping nor access the web GUI remotely via the management vlan.
View 3 Replies
View Related
Aug 4, 2011
I am just setting up a LAN using DIR-655 and I noticed this line in the logs: notice Aug 4 03:25:55 HTTP listening on port 65535
Is the router listening to that port?
View 1 Replies
View Related
Aug 6, 2011
I get stuck in a problem,What can be the reason for not working my configuration or any other reason that can be .
[CODE].....
View 4 Replies
View Related
Nov 19, 2012
Is this possible and if so what commands do i need to configure on my ASA 5510 for it to work.I have two web server within my DMZ and i want to access the outside url of on on the web server from the other. Currently i can access the internet from both webserver server but not the url form either webservers.
E.g. config
webserver 1 https://xxxxxx.xxxxxxx.com ---> public ip---> dmz ip
webserver 2 https://xxxxxx.xxxxxxx.com ---> public ip---> dmz ip
View 2 Replies
View Related
Aug 22, 2012
If possible I would like to have access to my external hard drive from outside of my network.While in the network my laptop connects to the Hard Drive using the shareport. If I take the laptop with me then I would also have to take the External Drive with me.
View 6 Replies
View Related
Jun 29, 2011
my laptop is re-staring when access the server
View 1 Replies
View Related
Mar 8, 2012
I have a Windows Home Server v.1 I set it up nearly a year ago, and everything runs fine.I have 3 different user accounts that are password protected.On my PC, i have been running Windows 7 and using the server as my My Documents folder.I recently installed Windows 8 Consumer Preview on an old Hard Drive, and i can't seem to access any folder on the server that isn't already given public permission. Whenever i try to access my User folder i get an access denied message, but no prompt to enter a password so i can use it.
View 3 Replies
View Related
Feb 27, 2013
I need to redirect all http and https traffic from one source in a dmz network, to port tcp/8080 on a proxy server on the inside network.
The source device doesn't handle proxying very well, so i've been advised to redirect the tcp/80 and tcp/443 ports to tcp/8080 as it passes through the firewall.
Scenario is thus:
PIX 515E 6.3 (5)
DMZ server: 172.31.255.250 (Real IP), 10.44.181.236 (NAT IP)
Inside Proxy server: 10.44.132.28 (Real IP), 172.31.255.110 (NAT IP)
I've configured a static NAT redirect using the following command: static (inside,dmz) tcp 172.31.255.110 www 10.44.132.28 8080 netmask 255.255.255.255 0 0
When I try to add the next command of: static (inside,dmz) tcp 172.31.255.110 443 10.44.132.28 8080 netmask 255.255.255.255 0 0
I get the following error: ERROR: duplicate of existing static
Is there a work around for this at all or am I stuck with the limitations of the software?
View 2 Replies
View Related
Apr 29, 2012
I need to configure a keepalive that check an url in a server (http in port 9500 not in port 80) and check the port 443 in the same server. If any of them not response . the service should go down.
View 1 Replies
View Related
Mar 14, 2013
active# sh running-config
: Saved
:
ASA Version 8.2(5)
!
hostname active
domain-name dhalahore.org
enable password 2KFQnbNIdI.2KYOU encrypted
passwd 2KFQnbNIdI.2KYOU encrypted
[code].....
View 7 Replies
View Related
