Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
492
Views
0
Helpful
2
Replies

FTP issues from Internal server

fortis123
Level 1
Level 1

‎05-22-2008 11:35 AM - edited ‎03-03-2019 10:03 PM

Hi all,

L3Switch --> ASA--> Internet router.

The Switch Does not have any default route configured but has BGP with Internet router. BGP injects default route in to Switch.

B* 0.0.0.0/0 [200/0] via 6.91.31.65, 7w0d

ASA has OSPF enabled and the L3 switch as well. From any PC in the network if we check whatismyip.com: 6.91.31.70 (ASA outside interface IP).

The problem here is we are trying to FTP to external site from a server iside the switch, it allows us to loginto site but any other command- immediately disconnects.

---------------------------------------

ftp> ls

500 Illegal PORT command

425 Unable to build data connection: Connection refused

-------------------------------------

The server can make successful FTP to internal servers at another location via P2P DS3 link. I tried 1. Removing the ACL on the internet router outside interface and also wilth passive FTP (from windows ftp client on server)- but no luck.

The destination has ports open for : 6.91.31.70

Please suggest...

Thank you

MS

Labels:
0 Helpful
2 Replies 2

fortis123
Level 1
Level 1

‎05-22-2008 12:30 PM

Ok.. I got lucky with enabling 'inspect ftp' on ASA and removing ACL from Internet router external interface.

But as it is not a good idea to leave the external interface on the Internet rtr open, iam looking for a way to get thsi accomplished. This server currently has no public IP or static nat configured on the ASA. It hits the internet via Nat'ed IP of the ASA outside interface as any other servers/work stations.

So inorder to accomplish what Iam looking for do I need to have Static Public IP for the Internal server..? Also, what kind of ACL helps me out here from allowing FTP connections sourced from this server.

Thanks you in advance

MS

0 Helpful

fortis123
Level 1
Level 1
In response to fortis123

‎05-23-2008 06:59 AM

Resolved myself with proper ACLs.. :-)

Thank you

MS

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card