Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3553
Views
0
Helpful
19
Replies

ASA5505 - Active FTP will not pass through

Kenzie6964
Level 1
Level 1

‎10-15-2013 04:27 AM - edited ‎03-11-2019 07:52 PM

Hi,

Please be gentle with me as I'm still learning Cisco

I'm trying to configure our Cisco ASA 5505 to allow Active mode FTP connections through. We have a user that uses some bespoke software that connects to a client via FTP in active mode.

When using the packet tracer. The packets fail by the DENY implicit incoming Rule (please see below). This rule looks as though it cannot be editted although as seen in my screen shot there are 2 rules very similiar?

inspect FTP is enabled and always has been enabled.

1.png

2.png

Labels:
0 Helpful
19 Replies 19

johnlloyd_13
Level 9
Level 9
In response to Jouni Forss

‎10-15-2013 09:17 AM

Yeah saw that one earlier and I understand what you mean. Look at me still checking CSC on my iphone :)

It would be cool though if you can create one coz your line of thought is much better.


Sent from Cisco Technical Support iPhone App

0 Helpful

Kenzie6964
Level 1
Level 1
In response to Jouni Forss

‎10-16-2013 10:03 AM

Hello,

it seems that there was a connection issue between our client and the Remote FTP server. This has been resolved now however active mode still will not connect through.

If I was to strip out some logs and PM to you would you be able to cast your eye over them? I'm not entirely sure what I am looking for? I'm still convinced that there is a issue at the remote server side; however I need to be 100% sure before i can hand it back to them

Thanks for your help with this.

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to Kenzie6964

‎10-16-2013 10:24 AM

Hi,

Sure, you can send the logs. Though generally I troubleshoot FTP related issues with traffic captures. And even in those situations there is usually different people that work with the actual clients and servers when I provide the information on what I see in the logs and captures

- Jouni

0 Helpful

Kenzie6964
Level 1
Level 1
In response to Jouni Forss

‎10-16-2013 10:26 AM

Hi,

I've just found a configuration fault within the software being used. I'm just waiting on someone to test the changes I have made. Should hopefully the resolve the issue.
I will keep you updated. I'll be furious if this resolves things after everything we've gone through!

0 Helpful

Jouni Forss
VIP Alumni
VIP Alumni
In response to Kenzie6964

‎10-16-2013 10:35 AM

Ok,

Hopefully it corrects the problem

- Jouni

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card