I have two customers, one on ISE 2.7 and the other one on ISE3.0
ISE 2.7 has Patch 6 installed which can FTP backups over to a 3rd party successfully.
ISE 3.0 cannot FTP backups over to the same 3rd party. The control channel on tcp port 21 was successful. When the data is transferred over FTP (passive mode) it does this on a high port number the backup fails. The traffic is getting denied due to a firewall rules which doesn't allow high port numbers
It looks like ISE 3.0 is using passive mode and not active mode.
Is the bug CSCvt91627 causing this issue?
Is there a way to get ISE 3.0 to backup via active mode as the customer doesn't want open high ports on their external firewalls?