Unable to Run FTPS (FTP Over SSL) across ASA

Unanswered Question
Mar 20th, 2012
User Badges:

Dear all,


there was remote FTP - users behind ASA5540 can connect to it.


Now, with this ftp there is SSL/TLS encryption added and users behind this ASA can't connect to this FTPS.


It this possible for users behind ASA to connect to FTPSs?


Regards

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Patrick0711 Tue, 03/20/2012 - 13:51
User Badges:
  • Bronze, 100 points or more

Configure your FTP server to send it's public IP address in the PASV response and define a static PASV port range.  You must then open the PASV range inbound in addition to port 990 (assuming you're using FTPS on the default port) for the clients who need to connection.  If you're running FTPS on port 21, you'll need to make sure that FTP inspection is disabled.

Actions

This Discussion