Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
415
Views
0
Helpful
2
Replies

FTP Access

jmarsh8034
Level 1
Level 1

‎04-23-2007 06:14 AM - edited ‎03-05-2019 03:37 PM

Hello,

I am having problems with allowing access to my FTP site. I have had it working in the past, but tried to make some changes to my router over the weekend and was forced to reset the configuration and start over. I saved my previous configuration and put it back in in what I thought was line for line, but now my FTP site can't be accessed from outside my LAN. Could someone please look at my attached configuration and tell me what I am doing wrong?

Labels:
Preview file
4 KB
0 Helpful
2 Replies 2

Richard Burts
Hall of Fame
Hall of Fame

‎04-23-2007 07:25 AM

Jason

I have looked at what you configured and have these observations and questions:

- you have configured:

ip port-map ftp port tcp from 20 to 21 list 2 description FMG FTP

I do not understand why this command is there since it does not seem to change from the system defined defaults. But since it is there there are several issues with it. After the keyword "port" there should be a port number but there is not. Also the keyword "list" indicates that there is a standard access list identifying the host(s) to which the map applies. You indicate list 2 but there is no list 2. If you keep the command then you need to configure access-list 2.

also the documentation indicates that the port-map is intended for use with CBAC but I do not see any indication that CBAC is being used. I suggest that you remove the port-map command and see if things improve.

- I also wonder about this:

ip nat inside source static udp 192.168.x.x 21 interface FastEthernet4 21

I can understand a translation of tcp port 21 but why translate udp port 21. I also wonder if you are doing static translation of tcp port 21 if you should do a static translation of tcp port 20 also.

HTH

Rick

HTH

Rick
0 Helpful

jmarsh8034
Level 1
Level 1
In response to Richard Burts

‎04-23-2007 12:17 PM

Allright I have made the changes that you have suggested and still no go. I am very confused now and am wondering if there is something that need to be enabled to allow static nat translations. Is there some way to troubleshoot this that will help. I am posting my configuration again to see if anyone can help please.

Preview file
4 KB
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card