PIX and FTP Connection Issue

lsittechsupport · ‎03-22-2009

Hello,

I have a stand alone Windows 2003 Server set up for FTP.

The server is set up with usernames and passwords required and no anonmymous login allowed.

I can successfully use it from within the office. However from outside of the network it fails to retreive the directory listing. I am receiving the error: "Server sent passive reply with unroutable address. Using server address instead".

In the PIX Config I have the following lines:

access-list outside extended permit tcp any host 192.168.5.5 eq 31

static (inside,outside) tcp 192.168.5.5 31 154.56.76.12 31 netmask 255.255.255.255

Public IP of Server: 192.168.5.5

Internal IP of Server: 154.56.76.12

Any ideas on what I am missing would be great.

Thanks in advance.

Stephen

bborovac · ‎03-22-2009

are you using tcp/31 instead of tcp/21 for ftp ?

lsittechsupport · ‎03-22-2009

Yes, we need to have three seperate ftp servers on the one machine. So we were hoping to use ports 31/32/33.

At the moment I am just testing on 31.

Sorry should have mentioned that in the post.

vikram_anumukonda · ‎03-22-2009

fixup protocol ftp 31

if you are running 7.x code

class-map FTP_31

match port tcp eq 31

!

policy-map global_policy

class FTP_31

inspect ftp

!

service-policy global_policy global

HTH

Vikram

lsittechsupport · ‎03-22-2009

Thankyou for the help.

Vikram your suggestion was perfect. Problem Solved.

Thanks Again