FTP Session being blocked by FWSM access list

PacketSpartan
Level 1

We have a client that's trying to connect to an FTP server on the internet.

We have an internal firewall (Cisco FWSM) and an external FW (Fortinet). We have come across an issue when a user is trying to connect to an FTP server, the initial connection is being

Initial connection 

Source port : 57243

Destination port : 21

The second part of the connection is using destination ports that are not allowed via the firewall. The strange thing is that this service was working before with the exact same firewall rules. When I repeated the test on the same network on a different VRF, the second part of the connection uses different sets of ports.

I've tried with WinSCP and FileZilla and I am just wondering if we can do anything on the FW.

Can anyone help?

CCNA R&S
3 Replies

PacketSpartan
Level 1

Can anyone help? We seem to have more and more users who are unable to connect via FTP.

CCNA R&S

Are you using active FTP or passive FTP? 

Do you have FTP inspection configured in your global policy?

We are using passive, and we do have FTP inspection enabled globally on the FW.

CCNA R&S
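
An added diagnostic example, not part of the original thread: in passive mode the server's 227 (PASV) or 229 (EPSV) reply on the control channel names the port the client opens next, so parsing those replies from a client log shows which data ports fall outside what the firewall permits. The log lines, the permitted port range and the server address below are constructed sample values, and `audit` is a hypothetical helper name.

```python
import re

# 227 Entering Passive Mode (h1,h2,h3,h4,p1,p2): data port = p1*256 + p2 (RFC 959)
PASV_RE = re.compile(r"\b227\b.*?\((\d+),(\d+),(\d+),(\d+),(\d+),(\d+)\)")
# 229 Entering Extended Passive Mode (|||port|): port only, same host (RFC 2428)
EPSV_RE = re.compile(r"\b229\b.*?\((.)\1\1(\d+)\1\)")

def data_endpoint(line):
    """Return (host or None, port) for a 227/229 reply, None for other lines."""
    m = PASV_RE.search(line)
    if m:
        nums = [int(x) for x in m.groups()]
        if any(n > 255 for n in nums):
            return None  # malformed reply
        return ".".join(map(str, nums[:4])), nums[4] * 256 + nums[5]
    m = EPSV_RE.search(line)
    if m:
        port = int(m.group(2))
        return (None, port) if 0 < port < 65536 else None
    return None

def audit(log_lines, allowed_ranges, control_host=None):
    """Flag data ports outside the permitted ranges and PASV hosts that
    differ from the control-channel server (often a NAT side effect)."""
    findings = []
    for line in log_lines:
        ep = data_endpoint(line)
        if ep is None:
            continue
        host, port = ep
        findings.append({
            "host": host,
            "port": port,
            "permitted": any(lo <= port <= hi for lo, hi in allowed_ranges),
            "host_mismatch": bool(host and control_host and host != control_host),
        })
    return findings

# Constructed client log excerpt (format assumed; WinSCP/FileZilla wording varies).
SAMPLE_LOG = [
    "Command:  PASV",
    "Response: 227 Entering Passive Mode (203,0,113,10,195,80)",
    "Response: 227 Entering Passive Mode (203,0,113,10,234,96)",
    "Response: 229 Entering Extended Passive Mode (|||50050|)",
    "Response: 227 Entering Passive Mode (10,1,1,5,195,81)",
]
ALLOWED = [(50000, 50100)]  # assumed firewall rule for passive data ports

if __name__ == "__main__":
    for f in audit(SAMPLE_LOG, ALLOWED, control_host="203.0.113.10"):
        print(f)
```

Running it over logs from the working VRF and the failing one makes the difference in negotiated port ranges visible.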