Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2079
Views
10
Helpful
2
Replies

FTP of ISE backup (passive mode) failing.

Go to solution
Anthony O'Reilly
Level 3
Level 3

‎01-06-2022 09:24 AM

Hi,

 

I have two customers, one on ISE 2.7 and the other one on ISE3.0

 

ISE 2.7 has Patch 6 installed which can FTP backups over to a 3rd party successfully.

 

ISE 3.0 cannot FTP backups over to the same 3rd party. The control channel on tcp port 21 was successful. When the data is transferred over FTP (passive mode) it does this on a high port number the backup fails. The traffic is getting denied due to a firewall rules which doesn't allow high port numbers

 

It looks like ISE 3.0 is using passive mode and not active mode.

 

Is the bug CSCvt91627 causing this issue?

 

Is there a way to get ISE 3.0 to backup via active mode as the customer doesn't want open high ports on their external firewalls?

 

Thanks Anthony.

0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Arne Bier
VIP
VIP

‎01-09-2022 12:57 PM

Changing from passive to active mode is not something that is user configurable in ISE. 

View solution in original post

2 Replies 2

Go to solution
balaji.bandi
Hall of Fame
Hall of Fame

‎01-06-2022 12:10 PM

Maybe a bug, or due to plain FTP sometimes having issues with secure reasons, try any SFTP and see if that success?

 

Note: not used FTP any time before due to security reasons, SFTP works as expected for me

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

0 Helpful

Go to solution
Arne Bier
VIP
VIP

‎01-09-2022 12:57 PM

Changing from passive to active mode is not something that is user configurable in ISE. 

Customers Also Viewed These Support Documents