Hello everybody,
I need some advice from Cisco geeks :-)
I have a Linux server with vsftpd installed, behind a "Cisco ASA5510". This one provides static NAT for the server, like this:
-----
static (int1,ext) tcp XX.XX.XX.XX ssh red4 ssh netmask 255.255.255.255
static (int1,ext) tcp XX.XX.XX.XX www red4 www netmask 255.255.255.255
static (int1,ext) tcp XX.XX.XX.XX https red4 https netmask 255.255.255.255
-----
The server is named "red4" in the Cisco config:
-----
name 192.168.0.3 ...
name 192.168.0.4 red4 description "... server4"
name 192.168.0.5 ...
-----
So, only the ssh, http and https ports are routed. However, here is a sample of the vsftpd log:
-----
Sun Jun 1 17:14:32 2008 [pid 16364] CONNECT: Client "74.54.18.114"
Sun Jun 1 17:14:34 2008 [pid 16363] [Administrator] FAIL LOGIN: Client "74.54.XX.XXX"
Sun Jun 1 17:14:37 2008 [pid 16363] [Administrator] FAIL LOGIN: Client "74.54.XX.XXX"
Sun Jun 1 17:14:40 2008 [pid 16363] [Administrator] FAIL LOGIN: Client "74.54.XX.XXX"
-----
74.54.XX.XXX is an American external IP address that I don't know at all. I have only two explanations for this:
First explanation: the Cisco lets packets in from this address, or is not well configured. However, I have tried to connect by FTP from an external IP, and the connection is refused. Can you give me a process to check the configuration?
Second explanation: a server on the local network acts as a router for the external IP.
Any ideas? Thanks.
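Added example, not part of the original post: a Python cross-check of the two artifacts quoted above, listing the TCP ports the `static` lines forward to a host and reporting vsftpd log events from non-RFC 1918 clients when port 21 is not among them. The function names, the `ftp` to 21 mapping and the sample addresses (documentation ranges) are assumptions made for this sketch.

```python
import ipaddress
import re
from collections import Counter, defaultdict

# ASA service keywords mapped to TCP ports (ssh/www/https appear in the post).
SERVICE_PORTS = {"ssh": 22, "www": 80, "https": 443, "ftp": 21}
RFC1918 = [ipaddress.ip_network(n) for n in
           ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]
STATIC_RE = re.compile(
    r"^static \(\S+,\S+\) tcp \S+ \S+ (?P<host>\S+) (?P<svc>\S+) netmask \S+$")
LOG_RE = re.compile(
    r'\[pid \d+\] (?:\[[^\]]+\] )?(?P<event>CONNECT|FAIL LOGIN|OK LOGIN): '
    r'Client "(?P<client>[^"]+)"')

# Constructed sample input (documentation addresses, not the poster's data).
CONFIG = """static (int1,ext) tcp 198.51.100.10 ssh red4 ssh netmask 255.255.255.255
static (int1,ext) tcp 198.51.100.10 www red4 www netmask 255.255.255.255
static (int1,ext) tcp 198.51.100.10 https red4 https netmask 255.255.255.255"""
LOG = """Sun Jun  1 17:14:32 2008 [pid 16364] CONNECT: Client "203.0.113.77"
Sun Jun  1 17:14:34 2008 [pid 16363] [Administrator] FAIL LOGIN: Client "203.0.113.77"
Sun Jun  1 17:14:37 2008 [pid 16363] [Administrator] FAIL LOGIN: Client "203.0.113.77"
Sun Jun  1 17:14:40 2008 [pid 16363] [Administrator] FAIL LOGIN: Client "192.168.0.9"
"""

def forwarded_ports(config, host):
    """TCP ports that static PAT lines forward to `host`."""
    ports = set()
    for line in config.splitlines():
        m = STATIC_RE.match(line.strip())
        if m and m["host"] == host:
            ports.add(SERVICE_PORTS.get(m["svc"]) or int(m["svc"]))
    return ports

def external_events(log):
    """Per-client event counts for clients outside RFC 1918 space."""
    events = defaultdict(Counter)
    for line in log.splitlines():
        m = LOG_RE.search(line)
        if not m:
            continue
        try:
            addr = ipaddress.ip_address(m["client"])
        except ValueError:  # masked or malformed address in the log
            continue
        if not any(addr in net for net in RFC1918):
            events[m["client"]][m["event"]] += 1
    return {client: dict(counts) for client, counts in events.items()}

def unexplained_ftp(config, host, log):
    """External FTP clients that the static lines alone do not account for."""
    return {} if 21 in forwarded_ports(config, host) else external_events(log)
```

A non-empty result from `unexplained_ftp` means the quoted `static` lines are not the whole story, so the remaining translation and access rules on the firewall, and any other path into the LAN, are the next things to review.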