04-29-2004 02:43 AM - edited 02-20-2020 11:22 PM
Hi, I have a Linux server that fetches a file via FTP from a server located on the Internet. And each time my PIX sends a syslog message looking something like this:
Apr 29 12:25:43 10.0.0.1 %PIX-4-106023: Deny tcp src outside:129.242.28.57/21 dst inside:62.101.252.32/55198 by access-group "outside_access_in"
Why is the remote server trying to connect back to me?
04-29-2004 03:29 AM
ftp generally uses two connections at once - control commands and data.
what does your outside_access_in access list look like?
04-29-2004 04:17 AM
I have:
fixup protocol ftp 21
access-list outside_access_in permit tcp any interface outside eq www
access-list outside_access_in permit tcp any interface outside eq 6300
access-list outside_access_in permit tcp any interface outside eq 9000
access-list outside_access_in permit tcp any interface outside eq 5060
access-list outside_access_in permit tcp any interface outside eq 5004
access-list outside_access_in permit udp any interface outside eq 5060
access-list outside_access_in permit icmp any any unreachable
access-list outside_access_in permit icmp any any echo-reply
access-list outside_access_in permit icmp any any time-exceeded
I thought the fixup should take care of the return ports?
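Added example (not from the thread or from Cisco): a small Python parser for the %PIX-4-106023 deny message shown above. It pulls out the protocol, interfaces, addresses, ports and access-group name, then flags denies where the outside host's source port is 20 or 21 (FTP data/control) and the inside destination is a high port, so that FTP return traffic blocked by outside_access_in can be reviewed separately from unrelated inbound denies. All log lines, addresses and the "ftp-return"/"other" labels are constructed for the example.

```python
import re
from collections import Counter
from dataclasses import dataclass
from typing import Dict, Iterable, Optional

# Constructed sample syslog lines in the %PIX-4-106023 format seen in the thread.
# The first line is the one from the original post; the rest are made up here.
SAMPLE_LOG = """\
Apr 29 12:25:43 10.0.0.1 %PIX-4-106023: Deny tcp src outside:129.242.28.57/21 dst inside:62.101.252.32/55198 by access-group "outside_access_in"
Apr 29 12:26:01 10.0.0.1 %PIX-4-106023: Deny tcp src outside:198.51.100.7/20 dst inside:62.101.252.32/55210 by access-group "outside_access_in"
Apr 29 12:26:15 10.0.0.1 %PIX-4-106023: Deny tcp src outside:203.0.113.9/4444 dst inside:62.101.252.32/445 by access-group "outside_access_in"
Apr 29 12:27:00 10.0.0.1 %PIX-4-106023: Deny udp src outside:203.0.113.9/53 dst inside:62.101.252.32/1025 by access-group "outside_access_in"
Apr 29 12:28:00 10.0.0.1 %PIX-6-302013: Built outbound TCP connection (constructed, not a deny)
"""

# Field layout of the "Deny <proto> src <if>:<ip>/<port> dst <if>:<ip>/<port> by access-group" message.
DENY_RE = re.compile(
    r'%PIX-4-106023: Deny (?P<proto>\w+) '
    r'src (?P<src_if>\w+):(?P<src_ip>[\d.]+)/(?P<src_port>\d+) '
    r'dst (?P<dst_if>\w+):(?P<dst_ip>[\d.]+)/(?P<dst_port>\d+) '
    r'by access-group "(?P<acl>[^"]+)"'
)

FTP_SERVER_PORTS = {20, 21}  # FTP data (20) and control (21) ports on the remote server


@dataclass(frozen=True)
class DenyEvent:
    proto: str
    src_if: str
    src_ip: str
    src_port: int
    dst_if: str
    dst_ip: str
    dst_port: int
    acl: str


def parse_line(line: str) -> Optional[DenyEvent]:
    """Return a DenyEvent for a %PIX-4-106023 line, or None for any other message."""
    m = DENY_RE.search(line)
    if m is None:
        return None
    return DenyEvent(
        proto=m["proto"].lower(),
        src_if=m["src_if"], src_ip=m["src_ip"], src_port=int(m["src_port"]),
        dst_if=m["dst_if"], dst_ip=m["dst_ip"], dst_port=int(m["dst_port"]),
        acl=m["acl"],
    )


def classify(ev: DenyEvent) -> str:
    """Label a deny: TCP arriving from an outside host's port 20/21 towards a
    high port inside is the shape of FTP return traffic that found no matching
    connection entry; everything else is treated as an ordinary inbound deny."""
    if (ev.proto == "tcp" and ev.src_if == "outside"
            and ev.src_port in FTP_SERVER_PORTS and ev.dst_port >= 1024):
        return "ftp-return"
    return "other"


def summarize(lines: Iterable[str]) -> Dict[str, int]:
    """Count parsed deny events per label, skipping lines that are not 106023 denies."""
    counts: Counter = Counter()
    for line in lines:
        ev = parse_line(line)
        if ev is not None:
            counts[classify(ev)] += 1
    return dict(counts)


if __name__ == "__main__":
    for line in SAMPLE_LOG.splitlines():
        ev = parse_line(line)
        if ev is not None:
            print(f"{classify(ev):10s} {ev.src_ip}/{ev.src_port} -> {ev.dst_ip}/{ev.dst_port} ({ev.acl})")
    print(summarize(SAMPLE_LOG.splitlines()))
```

Feed it the PIX syslog stream (for example `python pix_deny.py < /var/log/pix.log` after swapping SAMPLE_LOG for `sys.stdin`) and the "ftp-return" count shows how many of the outside_access_in denies are FTP server ports replying to high client ports, which is exactly the traffic a working FTP fixup is expected to admit.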