Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Create a new article
3578
Views
0
Helpful
0
Comments

How to configure the PIX 525 Firewall for FTP with the fixup protocol command

TCC_2
Level 10
Level 10

‎06-22-2009 04:37 PM - edited ‎03-08-2019 06:16 PM

Resolution

There are two modes in FTP:

  • Active FTP The PIX Firewall inspects the traffic and allows the outside server to open the data channel as long as the fixup protocol ftp command is enabled.

  • Passive FTP The client opens both channels, ftp and ftp-data.

The PIX cannot fix the secure FTP connections. When the data channel is opened with the port command, the PIX does not understand it since those commands are already encrypted and cannot dynamically open the ports for the data channel.

In order to make secure FTP work, restrict the range of ports on the secure FTP server (for the data channel) and then open up those ports on the outside interface.

Labels:
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents