09-27-2018 06:04 PM - edited 02-21-2020 08:17 AM
Hi,
Recently we migrated from ASA 5585 to FTD 4110. After migration we are facing problems with FTP and sqlnet traffic. Earlier it used to work properly, but after migration sometimes it works and sometimes the connection times out.
We used the packet capture and packet tracer to analyze the issue, but it shows that the server is initiating the reset flag.
Fast path seems to be working for the traffic. Using fast path we are bypassing the Snort check. But even without the fast path, in the packet tracer we can see that the Snort verdict is showing as pass.
Hence we need to understand what exactly is happening with the traffic if the fast path is not enabled.
Thanks and regards
Pushpak
09-28-2018 01:51 PM
I don't know about SQL, but we had and still have issues with FTP. Are you using active or passive FTP? There seems to be a bug that prevents active FTP from working correctly when being sent through Snort. This is even the case when we have inspect FTP configured in the policy map using FlexConfig. Passive FTP works fine though. So we used this as a workaround, using passive FTP instead of active FTP.
09-28-2018 05:41 PM
Hi,
Thanks, I will try with passive FTP and let you know.
Thanks and regards
Pushpak