05-27-2008 07:05 AM - edited 03-11-2019 05:50 AM
Does the inspection on Cisco PIX or ASA os (7/8) support the FTP extended passive mode
http://en.wikipedia.org/wiki/Ftp
"In extended passive mode, the FTP server operates exactly the same as passive mode, however it only transmits the port number (not broken into high and low bytes) and the client is to assume that it connects to the same IP address that was originally connected to. Extended passive mode was added by RFC 2428 in September 1998."
Thanks in advance.
RT
05-27-2008 11:50 PM
Its supported in code 7.0 and later.
6.x code doesnt support it
Syed
09-10-2013 11:55 PM
What about IOS?
7201 with IOS c7200p-adventerprisek9-mz.150-1.M8.bin
Zone Based Firewall
match protocol ftp
inspect
Had to disable EPRT and EPSV on the server, but it's not good idea, all new ftp clients tend to prefer them.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: