cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
329
Views
0
Helpful
1
Replies

Outbound client ftp connections not working.

kscottwoody
Level 1
Level 1

Having trouble figuring this out.  Probably missing something simple.

I have some users that are trying to initiate a passive ftp connection to a server on the web.

I’ve setup an object group for general web traffic outbound sourced from inside.  Here’s a snippet.

object-group service web_general tcp-udp

port-object eq 21

port-object eq www

port-object eq 443

and ACL.

access-list inside extended permit object-group tcp-udp object-group myUsers any object-group web_general

the user tries to open a connection and nothing..

any ideas on troubleshooting?

1 Reply 1

Jouni Forss
VIP Alumni
VIP Alumni

Hi,

If your users interface on the ASA is "inside" then first try "packet-tracer" to determine what configurations would apply for this connection

packet-tracer input inside tcp 12345 21

Also check that you have FTP Inspection enabled in your Policy Map

Use the command

show run policy-map

- Jouni

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: