I have a problem with an IOS firewall. The thing is that I'm using an FTP client to collect data from the WAN (it's in passive mode). The session gets established through port 21 (which is on my access-list). I cannot get the transfer completed because FTP opens a random port for this part, from 1024 to 65535.
I could add a new line on my access-list permitting tcp any any range 1024 65535, but my client won't accept this. It's quite a fair decision, since I'd be opening almost all the ports.
Is there a solution for this problem? So my firewall can detect the new session.
I have already tried to inspect ftp as a global policy, but it didn't work.
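What FTP inspection has to do for the passive-mode case described above, as an added example that is not part of the original post and is not Cisco's implementation: read the server's 227 (RFC 959) or 229 (RFC 2428) reply on the control channel and permit only the single negotiated data port. The function name, the addresses, the sample replies and the rule of rejecting a 227 address that differs from the control-channel server are assumptions made for this sketch.

```python
import re

# Constructed sample control-channel replies (not captured from a real session).
SAMPLE_REPLIES = [
    "227 Entering Passive Mode (192,0,2,10,195,80)",
    "229 Entering Extended Passive Mode (|||50123|)",
    "227 Entering Passive Mode (192,0,2,10,0,21)",      # port 21, below 1024
    "227 Entering Passive Mode (198,51,100,7,200,10)",  # address is not the server
    "230 Login successful.",                            # not a passive reply
]

# 227 carries h1,h2,h3,h4,p1,p2; 229 carries only the port between | delimiters.
PASV_RE = re.compile(
    r"^227 .*?(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3}),(\d{1,3})")
EPSV_RE = re.compile(r"^229 .*?\(\|\|\|(\d{1,5})\|\)")


def pinhole_for(reply, client_ip, server_ip):
    """Return the one (client, server, port) flow to permit, or None."""
    m = PASV_RE.match(reply)
    if m:
        octets = [int(x) for x in m.groups()]
        if any(o > 255 for o in octets):
            return None                      # malformed reply
        host = ".".join(str(o) for o in octets[:4])
        port = octets[4] * 256 + octets[5]   # data port = p1 * 256 + p2
        # Assumption: no NAT between inspector and server, so the advertised
        # address must equal the control-channel peer.
        if host != server_ip:
            return None
    else:
        m = EPSV_RE.match(reply)
        if not m:
            return None                      # not a passive-mode reply
        port = int(m.group(1))               # EPSV reuses the control-channel address
    if not 1024 <= port <= 65535:
        return None                          # never open a well-known port
    return (client_ip, server_ip, port)


if __name__ == "__main__":
    for line in SAMPLE_REPLIES:
        print(line, "->", pinhole_for(line, "203.0.113.5", "192.0.2.10"))
```

Each accepted reply yields one temporary permit for one destination port, which is the alternative to a static `range 1024 65535` entry.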
We have configured the outside and inside interfaces with official IPv6 addresses, set a default route on the outside interface to our router, and we have also defined a rule, which also gets hits, to permit tcp from the inside interface to any6.
In Syslog I also se...