Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Unable to do FTP via ASA

Hi All

Urgent help required

We are having one ASA5520 , ASA Version 7.2(2) (AIP-SSM Module integrated , IPS in Inline mode) which is the internal firewall . Behind it there are various VLANs where all the users sit . ASA connects to perimeter which is Checkpoint firewall which leads to internet . The issue is that when we try to do a FTP (CLI) from inside user IP Range 192.168.X.X(Hide NATTED for internet access in Checkpoint fw) and download a file say around 5 MB , the downloading happens for a few minutes and gets stuck in between.Howver sometimes it finishes successfuly also ; however sometimes it gets stucked.We have tried connecting the machine just behind the checkpoint firewall (i.e without packet crossing ASA) and the same works fine . Please can any one tell me how to rectify the same . I am attaching few snapshots and some of the details with this post

Regards

Ankur

2 REPLIES
New Member

Re: Unable to do FTP via ASA

How are the rules set from checkpoint to the ASA? Is it all open from the checkpoint to the ASA or only certain ports are open on the checkpoint?

New Member

Re: Unable to do FTP via ASA

Hi

The design is as below

Users -> L3 -> ASA - > Checkpoint -> Internet

The rules for FTP port in asa and checkpoint are enabled for the user LAN. Also the users are NATTED behind the outside interface in Checkpoint to go out for FTP on any destination

Regards

Ankur

115
Views
0
Helpful
2
Replies