topic FTPS (FTP explicit SSLTLS) in Network Security

FTPS (FTP explicit SSLTLS)

networker99 — Mon, 11 Mar 2019 22:11:38 GMT

Can anyone tell me how to get this working (outside host coming in though ASA 5505 running 8.4).

Thanks

FTPS (FTP explicit SSLTLS)

mvsheik123 — Sat, 07 Jan 2012 17:02:11 GMT

Try by opening TCP - 21 , 21000 & 21010 and use PASV mode (unless you already have the list of TCP ports). Also, in 8.4 you need to allow ACL to 'real' ip than public ip. Check the below links.

https://supportforums.cisco.com/docs/DOC-12324

hth

FTPS (FTP explicit SSLTLS)

networker99 — Sat, 07 Jan 2012 17:04:23 GMT

why would I open 21 for FTPS?, 21 is for FTP

FTPS (FTP explicit SSLTLS)

mvsheik123 — Sat, 07 Jan 2012 17:12:56 GMT

21 is control channel for Explicit SSL, allowing the user's computer to send commands to the server. Now, this may be from client end in which case from inside ASAs allow outbound connection (default). You can give a try without port 21 and post back what worked for you.