Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Ftp traffic is not passing

i have an ftp site setup that should be passing through my firewall but i am getting an error of no translation group. i do have Nat 0 allowing traffic between interface 1 and interface 2.

I have attached a copy of my config

6 REPLIES
Green

Re: Ftp traffic is not passing

A little more info please. Where is the ftp server, where is the client? FTP server address, client address?

Community Member

Re: Ftp traffic is not passing

Sorry, the ftp server is on the MCI interface (192.199.1.4) the client is an external client that is trying to get some information from our site.

the servers address should be 66.0.132.182, and i should allow any address to connect to it... i use this as a support directory for some of my tech's i have on the road.

Shane

Green

Re: Ftp traffic is not passing

Could you post the error message?

Community Member

Re: Ftp traffic is not passing

yes this is the error as i see it on the ASDM

"No translation group found for tcp src inside:209.168.194.226/29759 dst mci:192.199.1.4/21"

From the way that the error reads to me the external address is trying to go to the inside interface instead of going to the mci interface as it should.

Shane

Green

Re: Ftp traffic is not passing

It sees 209.168.194.226 as coming FROM the inside interface, not the external. Is this the case?

Community Member

Re: Ftp traffic is not passing

that is the way that it looks to me but i do not have any such ip address in my firewall nat or route. That address is an external address that i connected to and was testing the ftp server.

156
Views
0
Helpful
6
Replies
CreatePlease to create content