cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
357
Views
0
Helpful
3
Replies

FTP passive and active on ASA

mbluemel
Level 1
Level 1

Hi all

 

I wonder if anyone can assist with this.

I have a customer with a 5505 ASA which has restrictions on outbound ports.

He needs to use both Active and Passive outbound FTP connections but I am struggling to have both running.

With inspect ftp disabled the passive works but not active.

If I enable inspect ftp the active works not passive.

Is there anyway to get them both working together as I cannot find any configuration examples and I am running out of ideas.

 

Thanks

Martin

3 Replies 3

Florin Barhala
Level 6
Level 6
Do you have both active and passive connection requirements towards same FTP server or is it passive towards some FTP server and active toward another one?

Hi there

 

Thanks for the interest.

Its passive to some and active to others.

 

Thanks

Martin

That is good news!
What I would do: create a class-map and then apply inspect ftp for that class-map. Obviously that class-map will contain only the FTP server list IPs that require active FTP.
And for any other server passive will work fine.
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: