01-07-2008 09:45 AM - edited 03-11-2019 04:44 AM
I am trying to configure a pix to use port 2000 for FTP. How can this be done? this is a 515E with 7.0
thanks
Solved! Go to Solution.
01-10-2008 02:42 AM
Port 2000 is Skinny, and you won't get ftp through it unless you disable skinny inspection on the fw.
no inspect skinny
01-07-2008 10:22 AM
Are you hosting the FTP server on the inside or DMZ? Is it listening on port 2000 or the default 21?
01-07-2008 10:52 AM
The FTP server is on the DMZ and the clients are on the Inside. Other hosts within the DMZ are able to access the FTP server using port 2000. The Inside interface has a higher security level that the DMZ so Inside hosts should be able to access the DMZ without an access list. The FTP server is listening on port 2000, my config so far is
class-map ftp-class
match port tcp eq 2000
policy-map global-policy
!output omitted
class ftp-class
inspect ftp
service-policy global-policy global
thanks
01-07-2008 10:55 AM
Do you have an access list on the inside or DMZ interface that would block port 2000? Does other communications work between the 'inside' and the 'dmz'?
01-07-2008 12:05 PM
If you have no communication between the inside and dmz, you probably need something like...
static (inside,dmz)
01-10-2008 02:42 AM
Port 2000 is Skinny, and you won't get ftp through it unless you disable skinny inspection on the fw.
no inspect skinny
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: