02-20-2001 10:47 AM - edited 02-21-2020 11:17 AM
I have a site to site VPN setup with Cisco/Altiga VPN concentrators and I'm having issues with FTP through the VPN. Unix boxes work just fine, but NT fails. I know unix uses passive ftp and nt uses active, but that really shouldn't matter here. Any ideas???????
02-20-2001 06:36 PM
Are you using any filtering mechanisms? as in access list or firewall ip filtering?
if so then I think it could be that NT "is" using active FTP!, because in active mode, when the remote (client) end wants to send a file it tries to open a TCP connection to ports above 1024 on the local (server) machine instead of ftp-data (20). This means you can't restrict these TCP connections without breaking active FTP.
02-21-2001 10:40 AM
No filters. Traffic is open to all. The only thing i can think of is that maybe the VPN concentrator, being the security conscious entity it is, drops packets because the ports change. Just a guess.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide