I've been surfing around to try and work out how to configure a PIX to support FTP/TLS access from an Internet user to a server behind my PIX.
I can't see any examples of how to configure this but a few posts suggests that the PIX / ASA doesn't support this feature. I understand that the control connection is encrypted resulting in the PIX not been able to see the Data / PASV reply.
The FTP client is Filezilla.
Any help in debugging or solving this would be appreciated.
Regards
Darren
FTP/TLS access from an Internet user to a server behind my PIX.
that the PIX / ASA doesn't support this feature. I understand that the control connection is encrypted resulting in the PIX not been able to see the Data / PASV reply.
Either you open the full range of ports towards the FTP/TLS server (and then you have a 1:1 NAT towards that server since you cannot predict in advance which port will be used for the data connection ) or yes the PIX won't open the hole for the data connection unless it proxies the TLS connection but afaik that's done only for the IP phones.
HTH Ale
Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.