10-29-2009 09:42 AM - edited 03-11-2019 09:34 AM
Dear ALL,
I have a PIX 515E 6.3 , a ftp server on windows 2000. A customer of me, sometimes esperinces ftp sessions hung without any particular reason. In the PIX's log I can find this error: Deny tcp src inside:192.168.0.239/20 dst outside: a.b.c.d/2435 by access-group "acl-outbound"
Why this behaviour since acl-outbound acl permit ftp sessions?
Regards
Alberto Brivio
10-29-2009 10:09 AM
You can check for ftp fixup. If it is enabled that could explain the behavior. If the fixed timed out then the pinholoe for ftp is no longer open.
I hope it helps.
PK
10-30-2009 01:20 AM
FTP fixup is enabled, but ftp session is no longer than 2 minutes so how can it timed out?
10-30-2009 01:51 PM
Not likely.
Unless the inspection tears the data channel connection for some other reason.
PK
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: