01-17-2008 12:47 AM - edited 03-09-2019 07:54 PM
Dear sir
how i can open FXP (server to server FTP) through the Cisco Firewall.
where i think it disabled be default for the risk of FTP Bounce attack.
Thanks
01-23-2008 09:58 AM
Make sure the TCP / UDP port 286 , used by FXP is allowed on the firewall to pass through. Make sure both FTP servers must support FXP and have it enabled. Consult with the server admin since most FTP servers do not support FXP, or have FXP disabled due to potential security risks.
01-24-2008 03:55 AM
Dear irisrios
thank u for response,
i checked with the server admin, and we found that the servers support FXP, and FXP is enabled.
i oppened for test all tcp ports between the two servers.
when i disable the ftp inspection from the firewalls, the FXP work good with no problems.
but now i can not close all tcp ports, becouse ftp inspection is disabled.
so i need a mechanism to enable ftp inspection, and disable it from inspecting ftp PORT command
Thanks
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide