Unable to Run FTPS (FTP Over SSL) across ASA

Unanswered Question
Mar 20th, 2012

Dear all,

there was remote FTP - users behind ASA5540 can connect to it.

Now, with this ftp there is SSL/TLS encryption added and users behind this ASA can't connect to this FTPS.

It this possible for users behind ASA to connect to FTPSs?


I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Patrick0711 Tue, 03/20/2012 - 13:51

Configure your FTP server to send it's public IP address in the PASV response and define a static PASV port range.  You must then open the PASV range inbound in addition to port 990 (assuming you're using FTPS on the default port) for the clients who need to connection.  If you're running FTPS on port 21, you'll need to make sure that FTP inspection is disabled.


This Discussion