PIX 506e seems to be port forwarding to wrong machine

Home Forums Networking Cisco Routers & Switches How-to PIX 506e seems to be port forwarding to wrong machine

Viewing 1 post (of 1 total)
  • Author
    Posts
  • Avatar
    swfblade
    Member
    #155540

    Please forgive my very limited Cisco knowledge. I know only basic commands.

    Ok, so we have a Cisco PIX 506e which is port forwarding various stuff to various servers. current config is;

    static (inside,outside) tcp interface 123 192.168.174.213 123 netmask 255.255.255.255 0 0
    static (inside,outside) udp interface ntp 192.168.174.213 ntp netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface 3101 192.168.174.213 3101 netmask 255.255.255.255 0 0
    static (inside,outside) udp interface 1234 192.168.174.210 1234 netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface 3389 192.168.174.14 3389 netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface pptp 192.168.174.16 pptp netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface smtp 192.168.174.13 smtp netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface www 192.168.174.15 www netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface https 192.168.174.13 https netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface pop3 192.168.174.13 pop3 netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface imap4 192.168.174.13 imap4 netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface 993 192.168.174.13 993 netmask 255.255.255.255 0 0 [/CODE]
    Now, our new Exchange server is running on ip .13, old one was .213. However, when someone tries to access the OWA, or any site running on https that is on our server, they get the site that is hosted on the old server, not the new one. Its like its port forwarding to the old address.

    What I have done:
    OK so the setting was to go to .213, so I telnet into the router, enable, conf t, run “no static (inside,outside) tcp interface https 192.168.174.213 https netmask 255.255.255.255 0 0” then “static (inside,outside) tcp interface https 192.168.174.13 https netmask 255.255.255.255 0 0” then wr mem. sh conf shows the above, so it looks like its worked, but for some reason external STILL goes to the old server…

    Have I done a stupid?

    Thanks in advance.[CODE]static (inside,outside) tcp interface 123 192.168.174.213 123 netmask 255.255.255.255 0 0
    static (inside,outside) udp interface ntp 192.168.174.213 ntp netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface 3101 192.168.174.213 3101 netmask 255.255.255.255 0 0
    static (inside,outside) udp interface 1234 192.168.174.210 1234 netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface 3389 192.168.174.14 3389 netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface pptp 192.168.174.16 pptp netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface smtp 192.168.174.13 smtp netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface www 192.168.174.15 www netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface https 192.168.174.13 https netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface pop3 192.168.174.13 pop3 netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface imap4 192.168.174.13 imap4 netmask 255.255.255.255 0 0
    static (inside,outside) tcp interface 993 192.168.174.13 993 netmask 255.255.255.255 0 0 [/CODE]
    Now, our new Exchange server is running on ip .13, old one was .213. However, when someone tries to access the OWA, or any site running on https that is on our server, they get the site that is hosted on the old server, not the new one. Its like its port forwarding to the old address.

    What I have done:
    OK so the setting was to go to .213, so I telnet into the router, enable, conf t, run “no static (inside,outside) tcp interface https 192.168.174.213 https netmask 255.255.255.255 0 0” then “static (inside,outside) tcp interface https 192.168.174.13 https netmask 255.255.255.255 0 0” then wr mem. sh conf shows the above, so it looks like its worked, but for some reason external STILL goes to the old server…

    Have I done a stupid?

    Thanks in advance.

Viewing 1 post (of 1 total)

You must be logged in to reply to this topic.