I have a PIX firewall that has two VLANs.
LAN machines are connected directly to the PIX, and the PIX firewall is the default gateway for the machines.
Customer machines are connected to a router (default gateway), and that router is connected to the PIX firewall on the customer VLAN.
I am using active FTP over the internet.
LAN machines are using the FTP service OK, but it's not working for customer machines (authentication works and there is no data transfer).
I got the following logs on the firewall when I try to do the FTP from a customer machine. It is TCP Reset-I. Any suggestions to solve this? The firewall already has FTP inspection and is allowing full access outbound but not inbound.
I got a deny packet when I write 'dir' to get the directory list on FTP, and there it failed. Any suggestion will be a great help for me.
Jun 1 14:40:40 10.10.10.10 %PIX-6-302013: Built outbound TCP connection 529822889 for Internet:220.127.116.11/21 (18.104.22.168/21) to Customer:10.16.248.65/44774 (22.214.171.124/59103)
Jun 1 14:41:00 10.10.10.10 %PIX-6-302013: Built outbound TCP connection 529823614 for Internet:126.96.36.199/20 (188.8.131.52/20) to Customer:10.16.248.65/44781 (184.108.40.206/59981)
Jun 1 14:41:03 10.10.10.10 %PIX-6-302014: Teardown TCP connection 529823614 for Internet:220.127.116.11/20 to Customer:10.16.248.65/44781 duration 0:00:03 bytes 0 TCP Reset-I
Jun 1 14:41:03 10.10.10.10 %PIX-4-106023: Deny tcp src Internet:18.104.22.168/20 dst Customer:22.214.171.124/59981 by access-group "Internet_access_in" [0x0, 0x0]
Jun 1 14:43:41 10.10.10.10 %PIX-6-302014: Teardown TCP connection 529822889 for Internet:126.96.36.199/21 to Customer:10.16.248.65/44774 duration 0:03:01 bytes 1136 TCP Reset-O
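
One way to triage logs like these, as an added example that is not part of the original post: pair each 302013 Built record with its 302014 Teardown by connection id, then match 106023 denies against the Built record's remote address and translated (parenthesised) local address. The sample lines are constructed with documentation-range addresses, and the function names are hypothetical.

```python
import re

# Constructed sample in the same PIX message formats as the post (not the poster's values).
SAMPLE = """\
Jun 1 14:40:40 fw %PIX-6-302013: Built outbound TCP connection 1001 for Internet:203.0.113.5/21 (203.0.113.5/21) to Customer:10.16.248.65/44774 (198.51.100.7/59103)
Jun 1 14:41:00 fw %PIX-6-302013: Built outbound TCP connection 1002 for Internet:203.0.113.5/20 (203.0.113.5/20) to Customer:10.16.248.65/44781 (198.51.100.7/59981)
Jun 1 14:41:03 fw %PIX-6-302014: Teardown TCP connection 1002 for Internet:203.0.113.5/20 to Customer:10.16.248.65/44781 duration 0:00:03 bytes 0 TCP Reset-I
Jun 1 14:41:03 fw %PIX-4-106023: Deny tcp src Internet:203.0.113.5/20 dst Customer:198.51.100.7/59981 by access-group "Internet_access_in" [0x0, 0x0]
Jun 1 14:43:41 fw %PIX-6-302014: Teardown TCP connection 1001 for Internet:203.0.113.5/21 to Customer:10.16.248.65/44774 duration 0:03:01 bytes 1136 TCP Reset-O
"""

EP = r"(\w+):([\d.]+)/(\d+)"          # interface:address/port
MAPPED = r"\(([\d.]+)/(\d+)\)"        # (translated address/port)
BUILT = re.compile(rf"%PIX-6-302013: Built (\w+) TCP connection (\d+) for {EP} {MAPPED} to {EP} {MAPPED}")
TEARDOWN = re.compile(r"%PIX-6-302014: Teardown TCP connection (\d+) for .*? duration (\S+) bytes (\d+) (.+)$")
DENY = re.compile(rf'%PIX-4-106023: Deny tcp src {EP} dst {EP} by access-group "([^"]+)"')


def correlate(text):
    """Return one record per Built connection, enriched with teardown and deny data."""
    conns, denies = {}, []
    for line in text.splitlines():
        if m := BUILT.search(line):
            conns[m[2]] = {"id": m[2], "remote": (m[4], m[5]), "mapped": (m[11], m[12]),
                           "bytes": None, "reason": None, "denied_by": None}
        elif m := TEARDOWN.search(line):
            if m[1] in conns:
                conns[m[1]].update(bytes=int(m[3]), reason=m[4].strip())
        elif m := DENY.search(line):
            denies.append(((m[2], m[3]), (m[5], m[6]), m[7]))
    # A deny belongs to a connection when its src is the connection's remote
    # endpoint and its dst is the connection's translated local endpoint.
    for src, dst, acl in denies:
        for c in conns.values():
            if c["remote"] == src and c["mapped"] == dst:
                c["denied_by"] = acl
    return list(conns.values())


def suspect_data_channels(text):
    """Connections that moved zero bytes and also hit an access-group deny."""
    return [c for c in correlate(text) if c["bytes"] == 0 and c["denied_by"]]


if __name__ == "__main__":
    for c in suspect_data_channels(SAMPLE):
        print(c["id"], c["remote"], c["mapped"], c["reason"], c["denied_by"])
```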