ftp intermittent problems in firewall module

Answered Question
Nov 20th, 2009
User Badges:


we have an WS-SVC-FWM-1 in a 6506 chassis. With an IOS version: 12.2(18)SXF12a and a software version 3.2(2).

Sometimes and without any apparent reason the ftp connections stop to work. To the ftp connections start to work again we have to take off the "inspect ftp" and put it again.

Anyone already had this problem or can suggest troubleshooting for it?

Thank you.

Best regards,

Correct Answer by Kureli Sankar about 7 years 7 months ago

I am 100% sure this is the defect that you are running into.

upgrade the code at the next opportunity.

Good luck.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Kureli Sankar Fri, 11/20/2009 - 17:58
User Badges:
  • Cisco Employee,

How long does it work before failing? When it breaks and before you toggle inspect ftp have you looked at the syslogs to see what may be happening?

I have not heard of this issue but, would certainly like to investigate this further.

pls. enable logging

conf t

logging on

logging buffer 7

sh logg | i

where is the IP address in question.

Let us know what you see when it breaks.

Norberto Salgado Tue, 11/24/2009 - 09:17
User Badges:

Hi Kusankar,

thank you for your reply.

The problem it's a bit different that what I reported you first.

The ftp don't stop to work, only the "quit" command does.

It seems that it stops to receive the flag "F", when the command "quit" it's issued by the client. The ftp client need to kill the process, to the ftp connection be closed.Or we have to take off the "inspect ftp".

The problem it's that we have machines with ftp scripts configured, and then the machines stay full of ftp connections and processes running.

I will add some logs later. Can I use tcp time-out as workaround?

Thank you.

Best regards,

Kureli Sankar Tue, 11/24/2009 - 09:45
User Badges:
  • Cisco Employee,

Does this break after the FWSM module has been up for more than 50 days?

CSCsi27512 You may be running into this issue.

Resolved in 004.000(000.037)          003.002(005.001)          003.001(010)          003.001(009.005)

Does the issue get resolved if you failover?

Norberto Salgado Tue, 11/24/2009 - 12:15
User Badges:

That makes sense...

The FWSM it's up at almost 1 year.

I didn't try the failover, cause the client need to schedule an intervention to do this.

In the client I didn't saw all this sequence after the quit:

221-  You have transferred 0 bytes in 0 files.

221-  Total traffic for this session was 2551 bytes in 1 transfers.

221-  Thank you for using the FTP service on orbi.

221-  Goodbye

I only see:

You have transferred 0 bytes in 0 files.

I will try to disable the 221 multiline and disable the TCP normalizer, and I let you know the results.

Thank you!

Best regards,

Correct Answer
Kureli Sankar Tue, 11/24/2009 - 12:26
User Badges:
  • Cisco Employee,

I am 100% sure this is the defect that you are running into.

upgrade the code at the next opportunity.

Good luck.


This Discussion