08-17-2001 02:04 AM - edited 02-20-2020 09:49 PM
I've got Cisco Secure PIX Firewall Version 5.1(4) and I would like to make FTP's download's from my inside network.
Is there any command that I've got to put in the configuration to enable that feature ???
Thanks
Miguel
08-17-2001 06:19 AM
In the scenario where your FTP server resides on the inside network, and the FTP server is to be made available to outside users there are two steps to take inorder for this to be successful:
1st - A static NAT entry to this server. You may want to advertise this server on WWW and for outside users to more easily resolve, having the server name filed in DNS will be required.
2nd - you will want to establis a conduit. The conduit should have a mapping to the host address and protocol to that host address. There are plenty of examples on CCO for that.
Lastly, although in an ISP environment this is not a requirement, you could restrict user via username and password.
Hope this helps you,
Alex.
08-17-2001 08:00 AM
If you have nat/global configured and you are using passive FTP, no special configuration is required. If you are using standard mode FTP, you need to make sure that 'fixup protocol ftp 21' is configured on the PIX. This feature is on by default.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide