FTP configuration on router


Can anyone tell me how to configure the router in order support workstation behind the router connect to passive FTP.

When the workstation behind the router tried to connect to Active FTP server, it works. However, when connect to Passive one under IE, after entered the password, the page didn't show up, stay at 'loading' state. In my router configure, I already configured INSPECT FTP and applied to both intside and outside interfaces. I checked the FTP server end, I can see the workstation successfully login, but unable to establish data communication channel. I have no problem when using FTP command under DOS.

Any help is appreciated.

Here's brief configuration

ip inspect name INSPECT_1 ftp ip inspect name INSPECT_1 tcp ip inspect name INSPECT_1 udp

interface GigabitEthernet0/1 ip address x.x.x.x ip inspect INSPECT_1 out

interface Vlan10 ip address x.x.x.x ip inspect INSPECT_1 out

Reply to
Loading thread data ...


I believe CBAC inspection works in conjunction with an Access Control List (ACL) For passive FTP the negotiated data TCP port will be allowed via a rule created dynamically by the CBAC inspection process

Example found here in OReilly "Cisco Cookbook"

formatting link


Reply to

Cabling-Design.com Forums website is not affiliated with any of the manufacturers or service providers discussed here. All logos and trade names are the property of their respective owners.