Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
453
Views
0
Helpful
2
Replies

WinSCP throught pix fiewall

stafford.slater
Level 1
Level 1

‎12-21-2004 06:21 AM - edited ‎02-20-2020 11:49 PM

I am trying to use a program WinSCP throught a pix 515. The application uses port 22 which is SSH so is kind of FTP over SSH.

The problem I have is how do I enable this, do I uses fixup ftp on port 22? will the firewall see ftp traffic or SSH encrypted traffic. How do I deal with the return traffic as it's on a different port.

Any help would be appreciated

Thanks,

Stafford

0 Helpful
2 Replies 2

paddyxdoyle
Level 6
Level 6

‎12-21-2004 07:03 AM

I'm pretty sure SSH works differently to FTP so you don't need to worry about fixups. Although SSH comes with SCP and SFTP, i believe SFTP is just an interface to make SCP look like tradional FTP and nothing else.

So if you need to allow SSH inbound then just open up your outside access-list for tcp 22 to your destination hosts.

HTH

PD

0 Helpful

mostiguy
Level 6
Level 6

‎12-21-2004 10:51 AM

It should just work, no fixups necessary. If you want to enable scp for access from the outside, then you would need to open tcp port 22, just like any other port. The PIX, while supporting ssh for management, is scp/ssh/sftp unaware for fixups - not that it has any real need to be, as those should not need more than one port (with the exception of sftp, because a lot of people call things sftp and there is no real standard)

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card