07-06-2016 03:32 AM - edited 03-12-2019 12:59 AM
Can anyone please advise how to configure FTP in both active & passive modes using the ASDM for the ASA.
There seems to be more to it than simply allowing access to ports 20 & 21.
Kind regards, K Azam
07-06-2016 04:17 PM
Hi,
Have a look at the following docs:
http://www.cisco.com/c/en/us/support/docs/security/asa-5500-x-series-next-generation-firewalls/113110-asa-enable-ftp-00.html
http://www.cisco.com/c/en/us/support/docs/content-networking/file-transfer-protocol-ftp/200194-ASA-9-x-Configure-FTP-TFTP-Services.html
Thanks
John
07-07-2016 04:11 AM
Thank you John but I was after the method using the ASDM.
Regards
07-08-2016 04:38 AM
I've created an ACL & allowed FTP from the source (remote client) to the destination (FTP server located behind the ASA) - this has been applied inbound on the outside interface.
This is supposed to work over a VPN connection but I get the attached error message when I run packet tracer.
Any ideas??...anyone?
07-08-2016 05:15 AM
Is the VPN tunnel you tested up? Do you have ftp inspections enabled at the service policy?
07-08-2016 06:31 AM
Yes, used the sh crypto ipsec sa cmd to verify vpn tunnel is up and
ftp inspection is enabled in service policy rules
07-08-2016 10:34 PM
Is it a site to site vpn? Does other allowed traffic work? Do you use vpn filters?
Could you send us the relevant config (service policies, interface acl, vpn-filter)
07-26-2016 08:06 AM
Sorry I've not responded, been so busy with the a separate vpn issue but I will be working on this soon. Thanks for your help thus far.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: