Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
744
Views
0
Helpful
6
Replies

FTP through VPN 3030

lavanya_cisco
Level 1
Level 1

‎05-14-2005 11:31 PM - edited ‎03-03-2019 09:34 AM

hello all

I have a FTP server on the outside of a VPN 3030 and a host on the private LAN. I'm doing simple static routing on the VPN 3030 to reach the ftp server.

FTP client - VPN 3030 - router ----> FTP server

From the router ethernet segment am able to FTP to the server.

From behind the VPN 3030, am able to ping the FTP server, but not able to FTP it. Will the VPN 3030 block application traffic forwarding ?? There are absolutely no port blocking anywhere else in the network..

Any suggestions please ??

Labels:
0 Helpful
6 Replies 6

Georg Pauwen
VIP
VIP

‎05-15-2005 12:28 AM

Hello,

how is your VPN 3030 connected to the router ? Can you post the configuration of your router ?

Regards,

GP

0 Helpful

lavanya_cisco
Level 1
Level 1
In response to Georg Pauwen

‎05-15-2005 01:05 AM

Hello george,

VPn 3030 public and the router's FE int are put on a VLAN on a switch.. ie logically connected back to back.. again to be clear, am able to ping the ftp server from the client, but not able to do ftp or telnet on port 21.. similar thing happened when i tried to traverse through VPN 3030 for telnet/ssh earlier , before 6 months.. does the vpn 3030 block outbound application traffic, for security reasons ?? bypassing the vpn 3030 is the only solution for this ???

Router config is plain and simple:

interface FastEthernet0/0.2

encapsulation dot1Q 2

ip address 10.50.1.1 255.255.255.0

no cdp enable

pls confirm...

0 Helpful

Georg Pauwen
VIP
VIP
In response to lavanya_cisco

‎05-15-2005 04:26 AM

Hello,

the default VPN Concentrator traffic management rule is to allow any in/any out. I assume you have already checked if the default rule is still in place ? Can you do a ´telnet x.x.x.x 21´ (where x.x.x.x is the IP address of the FTP server) from the FTP client ? This just to verify that something is actually being blocked (if you get an ´open´ that would mean that FTP is going through, but that there is some other problem with e.g. the FTP server)...

Regards,

GP

0 Helpful

lavanya_cisco
Level 1
Level 1
In response to Georg Pauwen

‎05-15-2005 09:39 PM

Hello GP,

I cannot do a telnet on port 21.. I had checked this already.. am sure VPN is blocking something.. anything else to be checked ??

0 Helpful

Georg Pauwen
VIP
VIP
In response to lavanya_cisco

‎05-16-2005 04:52 AM

Hello,

can you try and reset the concentrator to factory defaults by deleting the "config" file (from the File Management screen) and rebooting the device ?

Regards,

GP

0 Helpful

lavanya_cisco
Level 1
Level 1
In response to Georg Pauwen

‎05-16-2005 05:43 AM

hello GP,

this is a production box.. cant do this.. noway can i delete the file or reboot.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card