
New Member

ASA support of ftp AUTH command

What support does the ASA provide for the ftp auth command? Is it possible to write an access list to permit some users to bypass ftps encryption while others are forced to use encryption? I would like my server to enforce ftp with ssl/tls. However, there are two old legacy scanners that would not be able to use certificates. Can the firewall be of any use in determining who must use ftps? I don't see anything in the ASA documentation to think there would be any assistance, but I thought I would ask anyway.

2 REPLIES
New Member

Re: ASA support of ftp AUTH command

You can configure FTP authentication proxy in ASA. To enable FTP or Telnet authentication proxy, you must enable AAA services, configure the FTP or Telnet server, and enable authentication proxy. You can configure ACL under AAA configuration.

http://www.cisco.com/en/US/docs/ios/12_3/feature/guide/ftp_tel.html#wp1027188

New Member

Re: ASA support of ftp AUTH command

I am looking for recognition of the ftp "auth ssl" or "auth tls" commands. I would like examples of using ftp strict inspection in combination with access lists to define who must use auth ssl and others who would be exempt. I would also appreciate comments discussing whether this approach would really work to restrict who must use ftp over ssl.
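
Added example, not part of the thread and not ASA configuration: a Python sketch of the per-client decision the last post asks about, run over the cleartext start of an FTP control channel, where the AUTH command and its 234 reply are visible before TLS starts. The exempt addresses, the sample sessions and the function names are constructed for illustration.

```python
import ipaddress

# Assumed policy: the two legacy scanners (constructed addresses) may skip AUTH.
EXEMPT = [ipaddress.ip_network(n) for n in ("192.0.2.10/32", "192.0.2.11/32")]
MECHANISMS = {"TLS", "SSL"}  # the "auth tls" / "auth ssl" arguments


def is_exempt(client_ip):
    addr = ipaddress.ip_address(client_ip)
    return any(addr in net for net in EXEMPT)


def evaluate_session(client_ip, control_lines):
    """Decide on one session from its cleartext control-channel prefix.

    control_lines is an ordered list of (direction, line); direction is
    "C" for client commands and "S" for server replies.
    """
    auth_pending = False  # client sent AUTH and the reply is still outstanding
    for direction, line in control_lines:
        parts = line.strip().split(None, 1)
        if not parts:
            continue
        if direction == "S":
            # 234 is the server accepting AUTH; the TLS handshake follows.
            if auth_pending and parts[0][:3] == "234":
                return ("allow", "AUTH accepted")
            auth_pending = False
            continue
        verb = parts[0].upper()
        arg = parts[1].strip().upper() if len(parts) > 1 else ""
        if verb == "AUTH" and arg in MECHANISMS:
            auth_pending = True
        elif verb in ("USER", "PASS"):
            if is_exempt(client_ip):
                return ("allow", "exempt client, cleartext login")
            return ("deny", "cleartext " + verb + " without accepted AUTH")
    return ("undecided", "no login seen")


# Constructed sessions: (client address, control-channel lines).
SAMPLES = {
    "ftps_client": ("198.51.100.7", [("S", "220 ready"), ("C", "AUTH TLS"),
                                     ("S", "234 Proceed with negotiation")]),
    "legacy_scanner": ("192.0.2.10", [("S", "220 ready"), ("C", "USER scan1")]),
    "downgrade": ("198.51.100.7", [("S", "220 ready"), ("C", "auth ssl"),
                                   ("S", "504 not supported"), ("C", "USER bob")]),
}

if __name__ == "__main__":
    for name, (ip, lines) in SAMPLES.items():
        print(name, evaluate_session(ip, lines))
```

After the 234 reply the control channel is encrypted, so a device in the path sees none of the later commands and has to decide on this cleartext prefix alone.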
