Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
895
Views
0
Helpful
4
Replies

ASA 5510 ftp traffic passing on 1 interface but not another

Go to solution
Syncardia Systems
Level 1
Level 1

‎12-21-2011 03:37 PM - edited ‎03-11-2019 03:05 PM

I have a 5510 running 8.4

FTP traffic routed from outside to the inside interface works fine.  I have another interface with multiple sub-interfaces and vlans configured.  FTP traffic routed from the outside to vlan2_servers is not making it through the firewall.  I must be missing something.  I have attached my config.  Any assistance would be greatly appreciated.

Labels:
119315-troubleshoot.txt.zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni
In response to Syncardia Systems

‎12-21-2011 05:30 PM

Hello Jennifer,

So you are trying to access the FTP server from the outside.

Can you change this:

object network FTPServer1

nat (any,outside) static xxx.xxx.xxx.105

to

object network FTPServer1

nat (vlan2,outside) static xxx.xxx.xxx.105

Please rate helpful posts.

Regard,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni

‎12-21-2011 04:35 PM

Hello Jennifer,

May I have some information related to this case:

-Where is the FTP server (Outside or Vlan2)

- Are you running passive FTP?

-What is the private ip address of the host on vlan 2

Regards,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

Go to solution
Syncardia Systems
Level 1
Level 1
In response to Julio Carvajal

‎12-21-2011 05:23 PM

Hi Julio,

Thanks for responding.

The FTP server is on vlan2

I am running passive FTP

The private address of the FTP server on vlan2 is 10.118.2.133

0 Helpful

Go to solution
Julio Carvajal
VIP Alumni
VIP Alumni
In response to Syncardia Systems

‎12-21-2011 05:30 PM

Hello Jennifer,

So you are trying to access the FTP server from the outside.

Can you change this:

object network FTPServer1

nat (any,outside) static xxx.xxx.xxx.105

to

object network FTPServer1

nat (vlan2,outside) static xxx.xxx.xxx.105

Please rate helpful posts.

Regard,

Julio

Julio Carvajal
Senior Network Security and Core Specialist
CCIE #42930, 2xCCNP, JNCIP-SEC
0 Helpful

Go to solution
Syncardia Systems
Level 1
Level 1
In response to Julio Carvajal

‎12-21-2011 05:51 PM

That worked.  Thank you!

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card