Cannot seem to open port 443


  • Cannot seem to open port 443

    I'm trying to open port 443 on my Cisco 515 PIX Firewall to allow Exchange Outlook Web Access for Exchange 2010.

    I don't really know much about Cisco firewalls but I know enough to be able to add to the config and have worked this out in the past so I can successfully open other ports.

    The two lines I have added to the config are

    access-list out-in permit tcp any interface outside eq https
    static (inside,outside) tcp interface https 10.0.0.7 https netmask 255.255.255.255 0 0

    When I try to telnet to my site from outside the network on port 443 it says it's not open.

    I don't know if it matters but I have a Vigor ADSL router sat in front of the PIX. I'm not sure why traffic passes straight through this and all the port forwarding is done by the PIX. But the rest of the ports seem to work. Port 443 on 10.0.0.7 is working as you can access it from inside the network.

    Could anyone help me with this?

  • #2
    Re: Cannot seem to open port 443

    Originally posted by Beef
    I'm trying to open port 443 on my Cisco 515 PIX Firewall to allow Exchange Outlook Web Access for Exchange 2010.

    I don't really know much about Cisco firewalls but I know enough to be able to add to the config and have worked this out in the past so I can successfully open other ports.

    The two lines I have added to the config are

    access-list out-in permit tcp any interface outside eq https
    static (inside,outside) tcp interface https 10.0.0.7 https netmask 255.255.255.255 0 0

    When I try to telnet to my site from outside the network on port 443 it says it's not open.

    I don't know if it matters but I have a Vigor ADSL router sat in front of the PIX. I'm not sure why traffic passes straight through this and all the port forwarding is done by the PIX. But the rest of the ports seem to work. Port 443 on 10.0.0.7 is working as you can access it from inside the network.

    Could anyone help me with this?

    I'm sorted now. I've been on this for a week or so now, on and off, and I couldn't for the life of me work it out. I tried at home and it didn't work as expected, so I took the file path off the URL and it came up with a router user name and password prompt. I put in the password for the Vigor router and the management interface came up. I looked at the management settings and HTTPS was configured on port 443 for managing the router. Doh. I still don't understand why port forwarding is done via the PIX rather than the Vigor though. I did notice the DMZ option on the Vigor pointed to the outside interface address of the PIX. Could this be why?

    • #3
      Re: Cannot seem to open port 443

      There are a few ways routers can be set up, with the two common ones being passthrough and NAT (different names depending on the manufacturer though). NAT generally implies the rules are set up on the router and that you have different subnets either side. Passthrough allows the same network either side (i.e. the router is invisible) and just transfers the traffic direct to the next device.

      In your case it's passing everything to the PIX (aside from 443, it seems), which is usually the best solution. In NAT mode you would have to set up rules on both devices, as the PIX would still need static and ACLs for the traffic to pass.

      Your rule looks good btw
      cheers
      Andy

      Quis custodiet ipsos custodes?
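
The check that resolved this thread (seeing which device actually answers on port 443 from outside) can be scripted. This is an added example, not part of the original posts: the function names are hypothetical, the sample responses are constructed, and the markers used (a Basic-auth 401 for a device login, an `X-OWA-Version` header or `/owa` redirect for Exchange) are assumptions about typical behaviour.

```python
import http.client
import ssl
from email.parser import Parser

# Constructed sample responses (not captured from the poster's network).
ROUTER_MGMT = ('HTTP/1.1 401 Unauthorized\r\n'
               'WWW-Authenticate: Basic realm="router admin (constructed)"\r\n'
               'Content-Length: 0\r\n\r\n')
OWA_REDIRECT = ('HTTP/1.1 302 Found\r\n'
                'Location: /owa/auth/logon.aspx\r\n'
                'X-OWA-Version: 0.0.0.0\r\n'  # constructed version value
                'Content-Length: 0\r\n\r\n')
OTHER = 'HTTP/1.1 200 OK\r\nContent-Length: 0\r\n\r\n'


def parse_response(raw):
    """Split a raw HTTP response head into (status code, headers)."""
    head = raw.split('\r\n\r\n', 1)[0]
    status_line, _, header_block = head.partition('\r\n')
    status = int(status_line.split(' ', 2)[1])
    return status, Parser().parsestr(header_block, headersonly=True)


def classify(status, headers):
    """Guess which device answered on 443 (heuristic, assumed markers)."""
    location = (headers.get('Location') or '').lower()
    auth = (headers.get('WWW-Authenticate') or '').lower()
    if headers.get('X-OWA-Version') or '/owa' in location:
        return 'owa'            # the forwarded Exchange server answered
    if status == 401 and auth.startswith('basic'):
        return 'device-login'   # something upstream owns the port
    return 'unknown'


def probe(host, port=443, path='/owa', timeout=5):
    """Live check from outside the network; needs network access."""
    ctx = ssl.create_default_context()
    ctx.check_hostname = False       # diagnostic only: device management
    ctx.verify_mode = ssl.CERT_NONE  # pages often use self-signed certs
    conn = http.client.HTTPSConnection(host, port, timeout=timeout, context=ctx)
    try:
        conn.request('GET', path)
        resp = conn.getresponse()
        return classify(resp.status, resp.headers)
    finally:
        conn.close()


if __name__ == '__main__':
    for name, raw in (('router', ROUTER_MGMT), ('owa', OWA_REDIRECT)):
        print(name, '->', classify(*parse_response(raw)))
```

A `device-login` result from outside means a device in front of the PIX is holding port 443 for its own management page, so its management port has to be moved or disabled before the PIX static and ACL can take effect.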
