Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
New Member

ftp over SSL with static NAT- can this be done ?

My firewall is killing the connection.

The customer wants to start a ftp session then on that same connection negotiate wth SSL ?. Seems the firewall gives the 3way handshake then sends a reset packet back to the client once they try to start the SSL session. At 1st glance it looks like the server is sending the reset back but because the firewall is natting the ftp server to an internet routable address, the firewall is rejecting the packets

1 REPLY
New Member

Re: ftp over SSL with static NAT- can this be done ?

I think you need to find out who is really sending the reset. You can do this by using the capture feature on the firewall.

http://www.cisco.com/univercd/cc/td/doc/product/multisec/asa_sw/v_7_2/cmd_ref/c1_711.htm#wp2025431

292
Views
0
Helpful
1
Replies
CreatePlease to create content