04-10-2008 08:17 AM - edited 03-11-2019 05:29 AM
Hi All
Urgent help required
We are having one ASA5520 , ASA Version 7.2(2) (AIP-SSM Module integrated , IPS in Inline mode) which is the internal firewall . Behind it there are various VLANs where all the users sit . ASA connects to perimeter which is Checkpoint firewall which leads to internet . The issue is that when we try to do a FTP (CLI) from inside user IP Range 192.168.X.X(Hide NATTED for internet access in Checkpoint fw) and download a file say around 5 MB , the downloading happens for a few minutes and gets stuck in between.Howver sometimes it finishes successfuly also ; however sometimes it gets stucked.We have tried connecting the machine just behind the checkpoint firewall (i.e without packet crossing ASA) and the same works fine . Please can any one tell me how to rectify the same . I am attaching few snapshots and some of the details with this post
Regards
Ankur
04-11-2008 08:35 AM
How are the rules set from checkpoint to the ASA? Is it all open from the checkpoint to the ASA or only certain ports are open on the checkpoint?
04-13-2008 10:10 PM
Hi
The design is as below
Users -> L3 -> ASA - > Checkpoint -> Internet
The rules for FTP port in asa and checkpoint are enabled for the user LAN. Also the users are NATTED behind the outside interface in Checkpoint to go out for FTP on any destination
Regards
Ankur
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: