Unanswered Question
May 13th, 2008

Hi, I have a ACL setup on 2851 router. I have some issues with ACL not allowing FTP connections. I have a test PC that is connected to internet outside our internal network and I can connect with passive and active mode with no problem. However I have clients that connect to our FTP and some of them cannot connect they have to change the (active, passive) mode and then it works. I suspect that their firewall is blocking the connection.

Here is part of the ACL. These statement are the first ones in the ACL so there is nothing in front of them to block the connections. Can anyome spot any problems with the statements? Am I missing something? Thanks for the help!!!

access-list 112 permit tcp any host 63.x.x.x eq ftp

access-list 112 permit tcp any eq ftp-data host 63.x.x.x gt 1024

access-list 112 permit tcp any gt 1024 host 63.x.x.x gt 1024

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
bsudol79p Tue, 05/13/2008 - 10:49

OK I can try that as well, but wouldn't the line access-list 112 permit tcp any eq ftp-data host gt 1024 accomplish the same?

bsudol79p Tue, 05/13/2008 - 12:05

I have CBAC applied to my router, however this ACL is to control outside traffic to our inside LAN and I thought that CBAC should be configured to allow established traffic from inside network not outside.


This Discussion