PIX FTP Question

Unanswered Question
Aug 17th, 2001
User Badges:

I've got Cisco Secure PIX Firewall Version 5.1(4) and I would like to make FTP's download's from my inside network.

Is there any command that I've got to put in the configuration to enable that feature ???



  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
alex.goldstein Fri, 08/17/2001 - 06:19
User Badges:

In the scenario where your FTP server resides on the inside network, and the FTP server is to be made available to outside users there are two steps to take inorder for this to be successful:

1st - A static NAT entry to this server. You may want to advertise this server on WWW and for outside users to more easily resolve, having the server name filed in DNS will be required.

2nd - you will want to establis a conduit. The conduit should have a mapping to the host address and protocol to that host address. There are plenty of examples on CCO for that.

Lastly, although in an ISP environment this is not a requirement, you could restrict user via username and password.

Hope this helps you,


rrbleeker Fri, 08/17/2001 - 08:00
User Badges:

If you have nat/global configured and you are using passive FTP, no special configuration is required. If you are using standard mode FTP, you need to make sure that 'fixup protocol ftp 21' is configured on the PIX. This feature is on by default.


This Discussion