Problems with internal clients using active FTP through PIX
From a host in our inside subnet, using active FTP we can connect to an FTP server out in the Internet but cannot get a list of files. Passive FTP works fine.
I do have "fixup protocol ftp 21" which I thought is supposed to fix this very issue but I can't use active FTP. I've tried a couple of other FTP servers and same thing, I can connect but cannot get data.
Our router between the ISP and the PIX is currently set to allow everything in and out so it's not that.
I'm using PIX Version 6.3(5).
Is there something else I'm supposed to do to make active FTP work for hosts on the inside? Unfortunately, using passive FTP is not an option for what we need to do.
Re: Problems with internal clients using active FTP through PIX
Something is really screwy. I thought passive FTP worked on all of them but it doesn't - only one (my personal FTP site) works in passive FTP but the other three I've tried doesn't work with either active or passive as far as getting the data (I can log in fine).
I did try on one of the FTP sources allowing tcp any to tcp any on a host inside and it didn't make a difference. Even when I tried it for my personal FTP site, I still couldn't get active FTP to work.
I think I'm gonna try to clear some arp caches on the switches - maybe they've gotten corrupted? I've already cleared the translate table on the PIX but that didn't make a difference.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in HA
DocumentationCode download linksGoalRequirementLimitationsSupported ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and UCS-E Blades:Step by Step ConfigurationCo...
I am currently unable to specify "crypto keyring" command when configuring VPN connection on my cisco 2901 router.
The following licenses have been activated on my router :