04-30-2003 12:25 PM - edited 02-20-2020 10:42 PM
Looking for the most secure way to allow FTP transfers through our corporate Firewall.
Right now if an FTP is initiated from the inside network . . . we can connect to the FTP site and login but cannot execute commands like "ls -al" or actually move data.
I can see my firewall blocking inbound tcp connections from the FTP server on ports 20 and what appears to be a randomly generated tcp port.
04-30-2003 03:28 PM
Hi,
Is the ftp fixup protocol enabled?
Regards,
Tom
05-01-2003 05:30 AM
Yes . . . I have fixup protocol ftp 21 configured on the PIX.
05-01-2003 05:35 AM
I do not think port 20 is random; it is the ftp-data port. You may need to open this up on the firewall... Also, have you tried using passive mode in your FTP client?
--Brian
05-01-2003 05:41 AM
Here is what I see being blocked on the firewall for each command I try to issue once I am connected to the FTP server . . . my private network address is being xlated to 216.248.65.178.
106001: Inbound TCP connection denied from 207.177.41.14/6411 to 216.248.65.178/113 flags SYN on interface outside
106001: Inbound TCP connection denied from 207.177.41.14/20 to 216.248.65.178/1132 flags SYN on interface outside
The 207.177.41.14 address is the address of the server I connect to via FTP. Connect works but no other commands work.
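A small triage script for the 106001 denies quoted in this thread, added here as an example and not posted by any participant: it separates the server's active-mode FTP data connections (source port 20 to a high client port) from its ident lookups (destination port 113, the standard ident/auth port). The function names and classification labels are assumptions of the example.

```python
import re
from collections import Counter

# PIX syslog message 106001 in the layout shown in the post above.
# \s* after "interface" tolerates a missing space in pasted logs.
DENY_RE = re.compile(
    r"106001: Inbound TCP connection denied from "
    r"(?P<src>[\d.]+)/(?P<sport>\d+) to (?P<dst>[\d.]+)/(?P<dport>\d+) "
    r"flags (?P<flags>[A-Z ]+?) on interface\s*(?P<ifc>\S+)"
)

# The two log lines from the thread.
SAMPLE = [
    "106001: Inbound TCP connection denied from 207.177.41.14/6411 "
    "to 216.248.65.178/113 flags SYN on interface outside",
    "106001: Inbound TCP connection denied from 207.177.41.14/20 "
    "to 216.248.65.178/1132 flags SYN on interface outside",
]

def classify(line):
    """Parse one 106001 line and label the denied connection, or return None."""
    m = DENY_RE.search(line)
    if m is None:
        return None
    sport, dport = int(m["sport"]), int(m["dport"])
    if sport == 20 and dport >= 1024:
        # Server connecting back from ftp-data to a client port: active-mode FTP.
        kind = "ftp-active-data"
    elif dport == 113:
        # Remote host asking the client side for an ident response.
        kind = "ident"
    else:
        kind = "other"
    return {"src": m["src"], "dst": m["dst"], "sport": sport,
            "dport": dport, "interface": m["ifc"], "kind": kind}

def summarize(lines):
    """Count denied connections per (remote address, kind)."""
    hits = (classify(l) for l in lines)
    return Counter((h["src"], h["kind"]) for h in hits if h)

if __name__ == "__main__":
    for (src, kind), n in summarize(SAMPLE).items():
        print(f"{src:15} {kind:16} {n}")
```

A run of `ftp-active-data` denies from the same address as the control connection indicates that the firewall is not opening the data channel for active-mode transfers.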