Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
Bookmark
|
Subscribe
|
909
Views
0
Helpful
4
Replies

FTP Access - Help please.

wananga01
Level 1
Level 1

‎04-27-2005 02:17 PM - edited ‎03-03-2019 09:24 AM

recently we changed our ISP and have connected to them using a Cisco 1700 Router. The connection is working and all workstations can access the Internet. NAT is configured on the router and an ACL is applied to the inside interface. I am experiencing a problem in that we cannot access FTP sites over the Internet.

interface FastEthernet0

description LAN Link

ip address 202.154.226.225 255.255.255.248

ip nat inside

ip virtual-reassembly

speed auto

!

interface Serial0

description ISP Link

ip address 202.154.201.54 255.255.255.252

ip nat outside

ip virtual-reassembly

encapsulation frame-relay IETF

frame-relay map ip 202.154.201.53 129

frame-relay interface-dlci 102

!

ip default-gateway 202.154.201.54

ip classless

ip route 0.0.0.0 0.0.0.0 202.154.201.53

no ip http server

!

ip nat inside source list 1 interface FastEthernet0 overload

!

access-list 1 permit 0.0.0.7 255.255.255.248

Labels:
0 Helpful
4 Replies 4

thisisshanky
Level 11
Level 11

‎04-27-2005 08:06 PM

Typically you use the WAN IP for NAT/PAT, why are you using the LAN IP for NAT/PAT ?

I dont see an ACL applied to the interface. You will need to enable CBAC (IOS FW feature set required) or else try using passive FTP.

Here is an example config.

http://www.cisco.com/en/US/products/sw/secursw/ps1018/products_configuration_example09186a008009445f.shtml

Sankar Nair
UC Solutions Architect
Pacific Northwest | CDW
CCIE Collaboration #17135 Emeritus
0 Helpful

wananga01
Level 1
Level 1
In response to thisisshanky

‎04-28-2005 03:00 PM

I am using the LAN IP as I was having trouble connecting to the ISP and posted a message here. The reply advised me to set up router as posted in this conversation.

Any recommendations?

0 Helpful

wananga01
Level 1
Level 1
In response to thisisshanky

‎04-28-2005 05:15 PM

Thought I would post the network topology.

16174-ISP.doc
Preview file
74 KB
0 Helpful

wananga01
Level 1
Level 1
In response to wananga01

‎05-11-2005 02:32 PM

I have not changed any config settings however on our internal network we have a Cisco 3550 switch with VLANs

VLAN100 10.10.0.254

VLAN200 10.2.0.254

VLAN100 is our server vlan and the 10.10.0.0 subnet can access FTP services but the 10.2.0.0 subnet cannot.

0 Helpful
Top