Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
Announcements
Step-by-Step Configuration and Troubleshooting Best Practices for the NGFW, NGIPS and AMP Technologies A Visual Guide to the Cisco Firepower Threat Defense (FTD)
Community Member

Outbound client ftp connections not working.

Having trouble figuring this out.  Probably missing something simple.

I have some users that are trying to initiate a passive ftp connection to a server on the web.

I’ve setup an object group for general web traffic outbound sourced from inside.  Here’s a snippet.

object-group service web_general tcp-udp

port-object eq 21

port-object eq www

port-object eq 443

and ACL.

access-list inside extended permit object-group tcp-udp object-group myUsers any object-group web_general

the user tries to open a connection and nothing..

any ideas on troubleshooting?

Everyone's tags (2)
1 REPLY
Super Bronze

Re: Outbound client ftp connections not working.

Hi,

If your users interface on the ASA is "inside" then first try "packet-tracer" to determine what configurations would apply for this connection

packet-tracer input inside tcp 12345 21

Also check that you have FTP Inspection enabled in your Policy Map

Use the command

show run policy-map

- Jouni

115
Views
0
Helpful
1
Replies
CreatePlease to create content