Firewall Wizards mailing list archives

RE: PIX and IIS issue

From: "Sloane, David" <DSloane () vfa com>
Date: Thu, 1 May 2003 12:20:20 -0400

If your IIS box isn't listening on an outside-facing interface, that could
be a problem.  Also, it may have a host-header which works inside --
http://servername -- but not outside -- http://webthing.somepurpose.com.

I'd focus on the IIS box though - the firewall doesn't seem to be part of
the problem.


-David

-----Original Message-----
From: Ames, Neil [mailto:NAmes () anteon com] 
Sent: Thursday, May 01, 2003 10:17 AM
To: Mohammad Shahed Akhtar; firewall-wizards () honor icsalabs com
Subject: RE: [fw-wiz] PIX and IIS issue


Shahed,
        Are you saying that your Web server on the Linux box works fine,
with no changes to the PIX, where the Windows IIS server doesn't (using the
same IP)?  Is the IIS server configured to use an IP address other than "All
Assigned" (in the Web site properties)?  Just a guess, but you may have some
other IP address configured there (if I read this right)...


--Fritz

-----Original Message-----
From: Mohammad Shahed Akhtar [mailto:msakhtar () kfupm edu sa]
Sent: Wednesday, April 30, 2003 6:27 PM
To: firewall-wizards () honor icsalabs com
Subject: [fw-wiz] PIX and IIS issue


Hi!

I have a PIX connected to a switch on internal network and therein resides
my Microsoft IIS box. I can access ftp, ping etc from outside through
conduit and/or access lists but I cannot access http port from outside ?
Tried all clears - conduit, xlate, arp etc without any effect. Finally
thought that its nothing to do with the poor PIX and worked on the web
server. Replaced the IIS box with Linux and lo! it works fine.. I mean all
access lists and/or conduits for http, ftp, ping work fine. Now why doesn't
the same work with Microsoft IIS? The same Microsoft IIS works great with
all ports accessible on the internal network but inbound access for http
port from across the firewall through the outside interface is not working.
Any thoughts as to what's the issue? Is there a bug here?

Will virtual + aaa combo help here ?

BTW: PIX version 6.1(4) and IIS version 5.0+

Thanks in advance,
Shahed.

_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards
_______________________________________________
firewall-wizards mailing list
firewall-wizards () honor icsalabs com
http://honor.icsalabs.com/mailman/listinfo/firewall-wizards

Current thread:

PIX and IIS issue Mohammad Shahed Akhtar (May 01)
- <Possible follow-ups>
- RE: PIX and IIS issue Ames, Neil (May 01)
  - Re: PIX and IIS issue Mohammad Shahed Akhtar (May 02)
- RE: PIX and IIS issue Sloane, David (May 01)
  - Re: PIX and IIS issue Jyotish K Sen Gupta (May 02)