We need help to configure a cisco pix firewall to conect to my ftp server in the lan, i create a static rule and a access-list from the outside.but i can't conect.
Any Idea??
Thanks in advance
- posted
17 years ago
Cisco Pix and FTP server
Loading thread data ...
- Vote on answer
- posted
17 years ago
comp.dcom.sys.cisco is a better place for PIX advice.
There are a number of possible causes for what you describe. We need to know the PIX software version, the static rule, the access-list contents, the access-group statement, any applicable protocol inspection statements, and whether you are using passive or active ftp. Also, it would help if you were to push your logging level up to 6 and to present the relevant log messages.
- Vote on answer
- posted
17 years ago
You may wish to investigate the Cisco PIX 501 Firewall Config Template:
formatting link
and Cisco PIX VPN GUI Config:
formatting link
Sincerely,
Brad Reese
formatting link
- Vote on answer
- posted
17 years ago
Cisco routers use TFTP protocoll instead of FTP. Try install in your network TFTP server & connect to it.
Loki
dospedres wrote:
- Vote on answer
- posted
17 years ago
The Cisco PIX is not a router: it is a firewall. The OP is trying to configure FTP through the firewall (from outside) to something inside.
By the way, PIX 7.0 and later can configure via FTP.
formatting link
- Vote on answer
- posted
17 years ago
FTP.http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_70/... I suggest you capture the traffic to see whats happening, do the following
# access-list test permit tcp any eq
21 # capture test access-list test interface outside # capture test1 access-list test interface insidemake an ftp attempt to connect
# show capture test { to see if the request packets hits the firewall external interface } # show capture test1 { to see if the packet leaves the firewall inside interface to the ftp server }
you may then check for return traffic to confirm a complete tcp handshake occurs or not.
ref.
formatting link