Unanswered Question
Jul 11th, 2008
User Badges:


I am configuring an FTP SSL connection in the CSS. I have set the ssl-server and applied the ssl-proxy-list to the service and the services to the content. It is not running so, I don't know if a priory I have missed something because I have got a https ssl connection and it is working cool. If I try to connect to the ftp server without apply the ssl and through the CSS it works fine. Any idea to check??... thanks a lot.

ssl-proxy-list SSL-BCN

ssl-server 20

ssl-server 20 cacert INTRANET

ssl-server 20 rsacert INTRANET

ssl-server 20 rsakey INTRANET

ssl-server 20 vip address

ssl-server 20 port 990

ssl-server 20 cipher rsa-with-3des-ede-cbc-sha 21


service sftp

ip address

protocol tcp

keepalive port 21

keepalive type tcp

port 21

redundant-index 18


service ssl-intranet

type ssl-accel

add ssl-proxy-list SSL-BCN

keepalive type none

slot 3


owner Varios

content ftp

vip address

protocol tcp

port 21

add service sftp

add dns ftp

application ftp-control


content sftp

vip address

add service ssl-intranet

application ssl

add dns sftp

port 990

protocol tcp


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Gilles Dufour Tue, 07/15/2008 - 03:24
User Badges:
  • Cisco Employee,

FTPS is not exactly SSL.

It starts as a normal FTP session and after negotiating SSL it switches to SSL.

Our SSL decode expects SSL from the first packet.

So, you can't use it for FTPS.


Oscar Cardiel Wed, 07/16/2008 - 06:53
User Badges:

Thank you for your help Gilles... yes, indeed, I agreed with you.



This Discussion