Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Hi,We have a VIP for an FTP service where we do not wish to lose the Client (Source) IP for auditing purposes. So we don't source NAT and force the return traffic back to the ACE with PBR. However the return flow still bypasses the ACE VIP and straig...
Hi Ajay,We are using inspect on both the FW and the ACE. As you imply, this is needed for the PASV port negotiation to work via these devices.Obviously, we are in a Routed, Two-armed mode so slightly different to the scenario on docwiki.cisco.com. Al...
Hi Cesar,It's passive mode. So the client makes an initial connection on port 21, the result of which is the 'sh conn' output in the diagram. We don't get any further than the initial attempted TCP SYN on port 21. So the ACE forwards the client TCP S...
