SFTP on PIX 515E 7.0(x)

santipongv · ‎09-08-2006

Does PIX 515E 7.0(x) support SFTP? Are there solutions or workarounds?

Regards,

Santi

Report Inappropriate Content · ‎09-14-2006

Yes, PIX 515 e supports SFTP

santipongv · ‎09-14-2006

I am having trouble with 515E 7.0. I don't think that Version 7.0 suppots SFTP.

Patrick Iseli · ‎09-14-2006

What kind of SFTP are talking about ?

sftp via ssh or an ftp server that uses a SSL/TLS implementation.

sincerely

Patrick

santipongv · ‎09-14-2006

It is sftp for ftp server, the latter one.

Regards,

Santi

balinem · ‎09-26-2006

SFTP is not supported through the PIX.

This is because with SFTP the whole exchange is encrypted. This means that the PIX can't inspect the communications on the control channel (PORT or PASV, specifically) that dictate what the data channel is going to be. Since the PIX can't see what the data channel is going to be, it can't open up a hole for the traffic to pass through. In this situation you will probably be able to connect to an SFTP server, but you won't be able to list directories or transfer files.

There may be a workaround, if your client supports it. Some programs (WS_FTP is one, I think), have an option to send the control channel traffic in the clear, while still encrypting the data channel. This will allow the PIX to anticipate the data channel and allow it, and still have SFTP protect your data.

Thanks,

Matt