
FirePower Threat Defence 6.2.0 - FTP inspect

s_malinskiy
Level 1

Hello Team!

We have several FP 4120 appliances with 6.2.0 td software working in HA pairs.

We have an issue with FTP sessions on them; somehow FTP inspect doesn't work.

Does FP have the ability, as ASAs do, to inspect FTP sessions?

2 Replies

Dennis Perto
Level 5

I have another customer saying the same thing with Firepower (Services for ASA) version 6.1.0.2. 

To me it seems a lot like this bug has not been resolved.

https://bst.cloudapps.cisco.com/bugsearch/bug/CSCvb55994

Try trusting the FTP flow to see if it is the Firepower software. :) 

If the problem is FTP inspect, you can probably use FlexConfig to resolve your issues.

http://www.cisco.com/c/en/us/td/docs/security/firepower/620/configuration/guide/fpmc-config-guide-v62/flexconfig_policies.html#task_C7C8FE28A3CF4322A0C342DCA08BC493

I have had the same issue and was able to resolve it using Hotfix X on version 6.1.0.1.

It was an issue with the Snort preprocessor which causes FTP data traffic to hang (this also happens for traffic not inspected using AMP).

Try contacting Cisco TAC to verify if the bug Dennis posted applies to your systems.

P.S. Another possible workaround is using a prefilter policy to make sure FTP traffic does not hit the Firepower engine.

Hope this helps.
