Help with FTP port forwarding in PIX-515E

Unanswered Question
Jun 11th, 2008


Can someone help me with ftp port forwarding config on PIX515E?


Public IP--->PIX------------>Router------>FTP Server

202.176.x.x->PIX->10.233.x.x->Router->10.234.x.x->FTP Server

I only need to forward the ftp ports (20 & 21)only.



I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 4 (2 ratings)
Jon Marshall Wed, 06/11/2008 - 07:27

On the pix

static (inside,outside) tcp 202.176.x.x 20 10.234.x.x 20

static (inside,outside) tcp 202.176.x.x. 21 10.234.x.x. 21

and obviously allow it in an access-list.

If 202.176.x.x is the public IP address of the pix external interface then replace the address with keyword interface in the above static's eg.

static (inside,outside) tcp interface 20 10.234.x.x 20


capajaron Sat, 06/14/2008 - 22:37

Hi jon,

I have tried the sample you gave but still it doesn't work, i guess i have given an incomplete details.

Here is the complete setup.



>I just need to port forward ftp traffic to 10.130.x.x from the web.

>Is it possible if i will be pointing an ftp traffic to 203.175.x.x ip from the web then the pix will forward it to 10.130.x.x ftp server? Also made a trace on 203.175.x.x and it will pass through 202.176.x.x Router, but the problem is it's not working.



Collin Clark Wed, 06/11/2008 - 07:33
<font size="2"></p><p>static (inside,outside) tcp 202.176.x.x 20 10.234.x.x 20 netmask</p><p></p><p>static (inside,outside) tcp 202.176.x.x 21 10.234.x.x 21 netmask</p><p></font>

You'll also need to add access in your access list.

Hope that helps

UPDATE: Sorry Jon, you type faster than I do!

Jon Marshall Wed, 06/11/2008 - 07:35

No problem Collin, happens to me all the time. I thought i was the slowest typist on NetPro :-)

sdoremus33 Wed, 06/11/2008 - 09:31

After the config,you might want to verify via tcpdump on traffic.

On a Pix 515 you would issue the capture commmand Ex(See Below)

capture testcap . Then run a test FTP session and view the capture output.HTH


This Discussion